H-Sphere versions 2.4.3 Patch 8 and below suffer from a cross site scripting vulnerability.
01f1b7916b7aa517c3d61becc582f024b4788ff0c1e2cb131e4e4417227b4346FogBugz versions 4.029 and below suffer from a cross site scripting vulnerability.
69bcc10ae466ddfbc9181b97006a4351051b6e3e1b49b31a209a3bf0c849a5cbInterspire TrackPoint NX versions below 0.1 suffer from a cross site scripting vulnerability.
bc4986d450edf7480ea5ddb37c233abdcb96810d7403be4ed571727bcb7da91bProof of concept file inclusion exploit for PHP scripts that suffer from this sort of vulnerability.
22e75534ac29d070b879bb660bfd710f4b8a0cd93dfcde41c7c1172cf5eead53slsnif aka Serial Line Sniffer version 0.4.4 local root exploit.
7044dc09ab1c2fff2e8facb27b5f8da29335f2ec94b707262a3868eef911a178MyPhPim version 01.05 is susceptible to cross site scripting and SQL injection vulnerabilities. Exploitation details provided.
eeef0931b9afa48322ab03f07593527991dc7fd8d24cba2c2378ba282718c777eStara Softphone buffer overflow exploit that makes use of a vulnerability in the SIP stack processing. Versions 3.0.1.14 and 3.0.1.46 were verified vulnerable.
382b1c07faea1deb25c0e2911fccc9df59685b96488eb391a4d7676a072f4005Cisco IP Phone 7940 remote denial of service exploit that causes it to reboot.
bc6e8e57335f75baeb61ffe8ec15c3cbd077132ea32bdbb346f719d54de771dcxmame -lang local buffer overflow exploit.
b16ed6af2a8d6dd81c593c2f5319d1002843e52ea49f008c85f8cb0ea10f81f3IronWall version 7.41 is susceptible to a classic directory traversal attack.
a408882d450fc5822fcb602c01268d8b380f8df3722f4d70f98c5f469eae7bf3exploitlabs.com Advisory 047 - AspTopSites is susceptible to SQL injection attacks. Details on exploitation provided.
ae0500296b7791f6b8c62c297a23bd0ff3f72a1806282d10ee61c8b5a66629a4Two denial of service exploits that make of newly discovered flaws in Microsoft Windows WMF handling. These flaws are different than those covers in MS06-001.
8f586f24f7e76ab474f2e5cd2f771f6279b97cb16c545f51a459e76f48d8cfc1Magic News Plus versions 1.0.3 and below remote administrative password changing exploit.
e913c44b929b58ec02f35a6c2b53e8c0f02721f22335d21763d166a58054998eWeb Wiz Forums versions 6.34 and below are susceptible to a cross site scripting attacks.
0affa61efe7fc7d93ee4732db603919e640ba3c9e78084ad2b41ba50c9195532Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a vulnerable system. Details provided. ADOdb versions 4.66 and 4.68 for PHP are affected.
a212b5763393fa5ec35a8dfe35d726cc4f7c2a8000c581074fd8516fbf88411bVenom Board version 1.22 is susceptible to SQL injection attacks. Exploitation details provided.
3428fc1e0da0ce604b5ba5a1b8dafdd1a446a0953647add156d4d23ea007b2daBSD Securelevels can be circumvented at runtime. By mounting another filesystem, immutable files can be masked. Masking means placing an arbitrary file at the location of an immutable file, without changing the immutable file itself. Details on how this can be exploited are included.
5f212654aa72d63c5f2b0e62bbabc43d84e3b56af267179ad9b967469a4f15bavBulletin version 3.5.2 is susceptible to cross site scripting attacks.
a64a9933a806b595011660fd9c1b7bd3ab7a1df6ed2a9533de689cc75d49cf2aVarious America Online (AOL) Instant Messenger scripts are susceptible to cross site scripting attacks. Full details provided.
dedd64e2a408ea9097aad05922bad5eaa3287194a328da1f40e7a1224948cdaeVarious America Online (AOL) scripts are susceptible to cross site scripting attacks. Full details provided.
2ab707ded3fd5add6400840d28183f089d70c10ab488dab6fd4bb309a690db76427BB versions 2.2 and 2.2.1 are susceptible to cookie-based authentication bypass, SQL injection, and cross site scripting attacks. Exploitation details provided.
3d20ef52be148f59375f8a238325d33534ed06878ab38aaaef22a1292c357f23The PHP-Nuke Pool and News module is susceptible to cross site scripting via IMG tags.
e398fc531fa58993a48cc54807b58e297f686c56dd93bf4fefc1a04f3e668b62The Xoops Pool module is susceptible to cross site scripting via IMG tags.
e2596114159f2fdb970e93755a1c7814648bccc25d110be890da0b1db67ab3baOrjinweb E-Commerce is susceptible to a remote file inclusion vulnerability. Example provided.
dc96168adf14f0888a3cb5e02f6187d95dcf4dd5d7be89a4ce96d5c24b0a8be2PHPNuke EV 7.7 is susceptible to SQL injection attacks via the query variable in the search module.
dddeb2bb1f206c19946cb86a6a3b7a1be6827d38c277d90223382560458ded36
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed