Secunia Research has discovered two vulnerabilities and a weakness in Panda ActiveScan version 5.53.00, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a user's system.
70227b6f2cc310218fac2ae9e81c5d58bbd5500f893213d04e068eff7fce0cdc
Secunia Research has discovered some vulnerabilities in DeluxeBB version 1.06, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
dabd3850dcb181b78f640f41286930158f735aa2641bb4e983e057e7c47f4b6b
Secunia Research has discovered two vulnerabilities in CMS Mundo version 1.0 build 007, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
c01cb438a40a860be28eb49b660964a6dcff479b929e888513af815a54a05093
Secunia Research has discovered a vulnerability in MyBB, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the username field when registering is not properly sanitized before being used in a "preg_replace" call with the "e" modifier in the "domecode()" function in inc/functions_post.php. This can be exploited to execute arbitrary PHP code by first registering with a specially crafted username and then previewing a post containing the "/slap" string. The vulnerability has been confirmed in version 1.1.2. Prior versions may also be affected.
c59306225b180770f26b6156627ae47fc1bec7b713c1aec00ae29f93c21adac2
Secunia Research has discovered some vulnerabilities in SelectaPix version 1.31, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
93e653e7eea27cd305721490efe229af9bb3c11026f732cfdc7bd444fe7daa41
Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a vulnerable system. Details provided. ADOdb versions 4.66 and 4.68 for PHP are affected.
a212b5763393fa5ec35a8dfe35d726cc4f7c2a8000c581074fd8516fbf88411b
Secunia Research has discovered a vulnerability in Microsoft Internet Explorer 6.0, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to a design error in the processing of keyboard shortcuts for certain security dialogs.
8cbe12f30ecdf09218a3ea3684d7b349517dd89e19fcae3c26d49df76d3c246e
Secunia Research has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerabilities have been confirmed in version 1.5.1-pl1. Other versions may also be affected.
ea4981890b687d4caff07c6b7157202c331ffe371d5cb42efe41a196ad0226d2
Secunia Research has discovered a vulnerability in Mantis, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the t_core_path parameter in bug_sponsorship_list_view_inc.php is not properly verified before it used to include files. This can be exploited to include arbitrary files from external and local resources. Affected versions: Mantis 0.19.2 and 1.0.0rc2. Other versions may also be affected.
9bffa4eac73d1c9558283150c0455ab3a80cf530a7ad18fdfa75a7a20f03f5d7
Secunia Research has discovered two vulnerabilities in PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks. Version below 6.00.110 are affected.
f9c204d96d4414417c87801e9766a44a5edd45b03eb95dd55b165f028e2cdc4f
Secunia Research Advisory - Secunia Research has discovered a vulnerability in Yahoo! Messenger, which can be exploited by malicious people to trick users into executing malicious files.
513774c469defad1cd93cfb1ccb109ae36b76b727993df1dca8cea05c194fcad
Secunia Research Advisory - Secunia Research has discovered multiple vulnerabilities in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions and compromise a user's system. The vulnerability is caused due to insufficient validation of drag and drop events from the Internet zone to local resources for valid images containing script code.
2eee21ac49aa560258b69dd6762e4286626ce13abb43d92f80b9357c13e36ac2
Secunia Research Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error in the javascript function createControlRange(). This can be exploited by e.g. a malicious website to cause a heap memory corruption situation where the program flow is redirected to the heap. Successful exploitation allows execution of arbitrary code.
e83fb11602b47295a7788c8bcfa19e0e7589f43c11094461b867690119fb22f7
Secunia Security Advisory - Secunia Research has discovered a weakness in Sun Java Plugin, allowing malicious web sites to write arbitrary content to a file with a predictable name. The weakness has been confirmed in version 1.5.0 (build 1.5.0_01-b08). Other versions may also be affected.
8ac5907e09fa5b9dd46bb903505f7837bf71e510eb6eeaa7181394353c2b6742
Using the mozilla browser, while linking to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any javascript events fired will be invoked in the context of the new page, making cross site scripting possible if the pages belong to different domains.
8a39c48fd07d754c3d4be6f69961bdef39e4b016dba987bf15576e212c7df063
There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
e01b9463a639085838e90199fac938b440e307d2558b62b00d81aa347385b6ed