Paidversion suffers from a remote SQL injection vulnerability in tr.php.
6490b5897d8de0a0498d928bec5640bdd6214d55b1cc097cf23b5a9def36902aSmall write up discussing a recent vulnerability in Opera where certain Unicode characters were being treated as whitespace, enabling many cross site scripting attacks.
c73da3a6553cf1a4adf4fd7c8c5fcc4a5b94b03d0654e98b0e75016ec244c2bfKasseler CMS version 1.1.0 and 1.2.0 Lite suffer from remote SQL injection vulnerabilities.
90bbb19b951de37af6c9718d8435687abb26c8030c217d004aff055f30479809Linkarity suffers from a remote SQL injection vulnerability in link.php.
749458bfc8c2f4e76379307251d061d3470ac5028da19d19751c0f457abcb829FoT Video scripti version 1.1b suffers from a remote SQL injection vulnerability.
ddb3774464ed85693f27977f9fa2959870f518bc60fff818e6d9c27753af24cdMandriva Linux Security Advisory - A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI. The updated packages have been patched to prevent these issues.
eefcd7affcefc029018a74894afb697590a6b4c89f838d1f022b84f5df80b7afMandriva Linux Security Advisory - A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI. The updated packages have been patched to prevent these issues.
dade434f9e5a0c7e7bcaf59b0a7ac1fbaac10219396b5fb73bd94b97642f1eedMandriva Linux Security Advisory - Gavin McCullagh of Griffith College Dublin reported an issue in Kolab v1 where user passwords were being recorded in the Apache log files due to Kolab using HTTP GET requests rather than HTTP POST requests. This would allow any users with access to the Apache log files to harvest user passwords and possibly other sensitive data. The patch to fix this problem also corrects and issue where non-alphanumeric characters in passwords, set via the Kolab web interface, did not work. The updated packages have been patched to prevent these issues.
a75bdefa3b8d2673fdde10342ab937cf94d78b59675f1935eb13af10b2d06c23Apparently you can commit a successful denial of service against the Nokia e90 (s60v3) using aireplay-ng.
d87f1e398c273ef3f7341f0292bdddc7793aaa5e91e0c257dfa8c3feeb428d8dThe Personal FTP Server version 6.0f RETR denial of service exploit.
276ccf181969240ca69b86ed1602aa57d2c226fa7dca9dd807540365d8d508a7A simple command-line converter written in C language (win32) that converts input as string or integer. ASCII to Binary/Decimal/Octal/Hexadecimal, Binary to Decimal/Octal/Hexadecimal, Decimal to Binary/Octal/Hexadecimal. ROT13 and URL Unicode UTF-8 encoding feature. Compiled .exe binary and .c source code included. Updated version of CoolCon v0.01.
392ec663c9c93e275fd1274efd86547bfdef1c6ec969eef361b2d3a1a199cfe9fphpSmartCom version 0.2 suffers from local file inclusion and SQL injection vulnerabilities.
993d9d3fef9574acc406e8a8d1fd19163cfa8404478bf2edeacf2d41f94c88e6Sport Clubs Web Panel version 0.0.1 remote game deletion exploit.
b72082fea6c59c477cc5fece99995f113a5129ac2066ea47ba816d5ed95b348dpLink version 2.07 remote blind SQL injection exploit.
5178ad095558d29a97c34c687b44f366fe40ab090ca8b340fcc93526f34f17edFree PHP VX Guestbook version 1.06 suffers from an insecure cooking handling vulnerability.
88cd0a6528c02757c6e7eca1ab5e69fac04510ebc227c2bfcc005279b3be7c72Free PHP VX Guestbook version 1.06 suffers from an arbitrary database backup vulnerability.
da44138ca67a43d9f17d691277fe74afc622cbb8ac4f78c2e808f3443bb5b1e7Talkback version 2.3.6 suffers from local file inclusion and phpinfo disclosure vulnerabilities.
944d3571a37b831f7a613ea890989bee34e429937ef7990a8f6bb2ebb112f425Windows Media Encoder Active-X control buffer overflow exploit that leverages wmex.dll and is referenced in MS08-053.
23102fd2c9d285d38ea8bb7ccd14daa3197771ecf702c6063740aadb5132db5aSecunia Security Advisory - Secunia Research has discovered a vulnerability in Trend Micro OfficeScan, which can be exploited by malicious people to compromise a vulnerable system.
106ec5ce88bf8cec8e4955728350ceacc973582fdf93474e5362bfbdbc9830e4Secunia Security Advisory - Hussin X has reported a vulnerability in ACG-ScriptShop, which can be exploited by malicious people to conduct SQL injection attacks.
c13639b3b596aa3c2deb4ec55322fc5d7a263dfd6234d22dae904c64c223adfbSecunia Security Advisory - Fedora has issued an update for httrack. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
0cddc383631155ba690f7a6922fbe57e834aca4f96a0c1ee6c5fde5bddd4c86dSecunia Security Advisory - Fedora has issued an update for fedora-ds-base. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
b26a2e1f02dfb941d8b9c17586a6bde97f2e5645ba9aeece34a41c9e1aa1ede2Secunia Security Advisory - Fedora has issued an update for wordpress. This fixes a vulnerability, which can be exploited by malicious people to guess automatically generated passwords.
ba9275f0edbb7e5d9b2d50dffcd41dd6d97e1291745ddcd08635deeaec89eeb2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed