47153 matches found
iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability iCube Lab productdetails.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.icubelab.com/ Persian Gulf 4 Ever! Dork : "Powered by iCube Lab"...
[ MDVSA-2011:121 ] samba
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:121 http://www.mandriva.com/security/ Package : samba Date : July 27, 2011 Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and...
WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
WebKit and Apple libraries multiple security vulnerabilities...
Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Avon Groups searchresult.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.avongroups.in/it/ Persian Gulf 4 Ever! Dork : "Powered By: Avon Enterprises Pvt. Ltd. "...
Web Fusion Nepal (tour.php?category) XSS Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability Web Fusion Nepal tour.php?category AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webfusion.com.np/ Persian Gulf 4 Ever! Dork : "Powered by: Web Fusion Nepal" "inurl:tour.php?category="...
EMC Captiva eInput security vulnerabilities
Crossite scripting, unsafe ActiveX methods...
EMC Data Protection Advisor information leakage
Cleartext passwords are stored in user readable files...
Coherendz (products.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Coherendz products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.coherendz.com/ Persian Gulf 4 Ever! Exploite: www.victim.com/products.php?catid=SQL SpeCial...
CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability CobraScripts selloffers.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://cobrascripts.com/ Persian Gulf 4 Ever! Dork : "Powered by CobraScripts" "inurl:catsell.php?cid...
Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Chrome Web Solutions details.php?catid listingmore.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.chromewebsolutions.com/ Persian Gulf 4 Ever! Dork : "Powered By ...
A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability A1 Solutions catsell.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.a1sols.com/ Persian Gulf 4 Ever! Dork : "Powered by A1 Solutions" "inurl:catsell.php?cid="...
ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-243 July 27, 2011 -- CVE ID: CVE-2011-0232 -- CVSS: 9, AV:N/AC:L/Au:N/C:C/I:P/A:P -- Affected Vendors: WebKit -- Affected Products: WebKit -- TippingPointTM IPS...
ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability
ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-239 July 27, 2011 -- CVE ID: CVE-2011-0233 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple WebKit --...
Wireshark 1.6.1 Malformed IKE Packet Denial of Service
Wireshark 1.6.1 Malformed IKE Packet Denial of Service ------------------------------------------------------------------ I. Summary A flaw has been identified in Wireshark 1.6.1 concerning IKEv1 protocol dissector and the function prototreeadditem ,when add more than 1000000 items to a...
[USN-1179-1] ClamAV vulnerability
========================================================================== Ubuntu Security Notice USN-1179-1 July 28, 2011 clamav vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Multiple DoS, CSRF and XSS vulnerabilities in ADSL modem Callisto 821+
Hello 3APA3A! This is the last advisory in which I'll warn you about new multiple security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. This time I will tell you about Security section of control panel, which is full of vulnerabilities. These are Denial of Service,...
ESA-2011-024: EMC Captiva eInput multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-024: EMC Captiva eInput multiple vulnerabilities. EMC Identifier: ESA-2011-024 CVE Identifier: CVE-2011-1743, CVE-2011-1744 Affected products: EMC SW: EMC Captiva eInput 2.1.1 Vulnerability Summary: EMC Captiva eInput contains two...
Vegetav (news_item.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Vegetav newsitem.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.vegetav.co.uk/ Persian Gulf 4 Ever! Dork : "website design by Vegetav" "inurl:newsitem.php?id="...
Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Infocus Web Solutions newsdesc.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.infocuswebdesigning.com/ Persian Gulf 4 Ever! Dork : "Powered by Infocus Web Solutio...
Sitecore CMS 6.4 Open URL Redirect Vulnerability
Product Name: Sitecore CMS 6.4 Vendor: http://www.sitecore.net Date: 28 July, 2011 Author: [email protected] [email protected] Original URL: http://www.tomneaves.com/SitecoreCMSOpenURLRedirect.txt Discovered: 30 June, 2011 Disclosed: 28 July, 2011 I. DESCRIPTION Sitecore is a CMS system used wide...
Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Solutiontech product.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.solutiontechindia.com/ Persian Gulf 4 Ever! Dork : "Powered by Solutiontech"...
[USN-1181-1] libsoup2.4 vulnerability
========================================================================== Ubuntu Security Notice USN-1181-1 July 28, 2011 libsoup2.4 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
libsoup library directory traversal
Directory traversal in Web request handling...
[security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02940981 Version: 1 HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon mmd, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted up...
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-242 July 27, 2011 -- CVE ID: CVE-2011-0255 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Safari --...
Multiple XSS in GBook PHP guestbook
Vulnerability ID: HTB23028 Reference: http://www.htbridge.ch/advisory/multiplexssingbookphpguestbook.html Product: GBook PHP guestbook Vendor: PHPJunkyar http://www.phpjunkyard.com Vulnerable Version: 1.7 and probably prior Tested on: 1.7 Vendor Notification: 06 July 2011 Vulnerability Type: XSS...
Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Agent Image newsdetails.php?newsID AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.agentimage.com/ Persian Gulf 4 Ever! Dork : "Design by Agent Image"...
Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerabilities Zones Web Solution status.asp?print searchresult.php?locid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.zones.in/ Persian Gulf 4 Ever! Dork : "Powered by Zones Web...
G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability G2webCMS products.php?catid member-profile.php?profile AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.g2web.com/ Persian Gulf 4 Ever! Dork : "Powered by G2webCMS"...
HP Data Protector Media Management Daemon DoS
No description provided...
Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Gopal Systems products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.gopalsystems.com/ Persian Gulf 4 Ever! Dork : "Powered by: Gopal Systems."...
FootBall Cms (view_table_lig.php?group) XSS Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability FootBall Cms viewtablelig.php?group AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "inurl:viewtablelig.php?group=" Exploite: www.victim.com/viewtablelig.php?group=1&namelig=XSS...
[security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02940969 Version: 2 HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting XSS and Session Fixation Attack NOTICE: The information in this Security Bulletin should be acted upon...
[USN-1176-1] DBus vulnerability
========================================================================== Ubuntu Security Notice USN-1176-1 July 26, 2011 dbus vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
Wireshark sniffer DoS
Crash on IKE packet parsing...
Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dow Group dynamic.php?id sub.php?solutioncatid newsdesc.php?id product.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dowgroup.com/ Persian Gulf 4 Ever! Dork :...
Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Canoy Softwares searchresult.php?locid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://canoysoft.in/ Persian Gulf 4 Ever! Dork : "Powered by Canoy Softwares"...
WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability WOC Consulting searchresult.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.woc-consulting.com/ Persian Gulf 4 Ever! Dork : "Powered by WOC Consulting Canada"...
Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability Zones Web Solution StoneDetails.php?stone AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.zones.in/ Persian Gulf 4 Ever! Dork : "Powered By : Zones Web Solution"...
HP OpenView Performance Agent DoS
It's possible to remove arbitrary files via TCP/383 HTTP request...
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager vulnerable to Cross-site scripting sitemap page July 26, 2011 Risk Level: Medium Affected versions: Oracle Enterprise Manager Grid Control versions 10.1.0.6 Oracle Enterprise Manager control...
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager vulnerable to Cross-site scripting notifRuleInfo$mode page July 26, 2011 Risk Level: Medium Affected versions: Oracle Enterprise Manager Grid Control versions 10.1.0.6 Oracle Enterprise Manager...
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager vulnerable to Cross-site scripting metricDetail$type page July 26, 2011 Risk Level: Medium Affected versions: Oracle Enterprise Manager Grid Control versions 10.1.0.6, 10.2.0.5 Oracle Enterprise...
ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-240 July 27, 2011 -- CVE ID: CVE-2011-1453 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPointTM IPS...
cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability cgcraft llc info.php?id newsitem.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cgcraft.com/ Persian Gulf 4 Ever! Dork : "website by cgCraft llc"...
Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
Quarterly critical patch update closes 78 different vulnerabilities in all major applications...
[SECURITY] [DSA 2286-1] phpmyadmin security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq -...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
ioQuake3 game engine security vulnerabilities
Shell characters vulnerability, code execution...
Two security issues fixed in ioQuake3 engine
Hello, Quake 3 is a popular online first person shooter developed by IDsoftware 1 that has been released in 1999 and is still widely played. After the release of the source code under the GPL, the ioQuake3 project 2 was started that is dedicated to maintaining the existing codebase. Several game...