Oscommerce Max version 2.0.25 suffers from a backup creation and download vulnerability.
5e74018474eda8cf0fa93c922c9191eee7ec4049bdf870c9ee7ceaadb6330a05XAOS CMS suffers from a remote SQL injection vulnerability.
e5cfd804a58020e6e3ea34bdfeb752cd128c65e425ab5be93d4ff719c3f0b7bdBallettin Forum suffers from multiple remote SQL injection vulnerabilities.
f03d45799067236e31f36dd25387a83d8965b28786b1e5b55b2a18aab9b3912bFreeway CMS version 1.4.3.210 suffers from a remote SQL injection vulnerability.
4e5f2a0cfddbc3d5700204c48260d7bee3e8451f021e2523e722d97d3fe49383CMS Ignition suffers from a remote SQL injection vulnerability.
03c0470ef1e1dba6af2c26304f9863eb2654a230b43b92c7139ef6a9dd46055b3dl.am Script Mtxkl Raidrush suffers from cross site scripting and remote SQL injection vulnerabilities.
1b2e68fbd7fac5c86d96bb86dcaa4852d45ad71c3d1085124e4009127447f9beThe Joomla Youtube component version 1.5 suffers from a remote SQL injection vulnerability.
3d3aff5e4a9c61938a2125377aa7583720a7da8f90dfc14f045bf0a43a05d64asNews suffers from a remote SQL injection vulnerability.
254ea89845f7694dae2b2659cadb767ceb55eb06e8ae2970e1f99fe1c94e7cc7WhiteBoard version 0.1.30 suffers from remote blind SQL injection vulnerabilities.
08940cc3306709a98b325d021b6aaa33acdc5351462748d950fbbd0d70ca9524MC Content Manager suffers from cross site scripting and remote SQL injection vulnerabilities.
265d3681b6a219ca2ac1a882ec056dc41c776f5a0d34b9c0b0aebeb14467c0913dl.am script Mtxkl Raidrush suffers from a directory traversal vulnerability.
ef641ec6615369fa4ad61a8289948915fb64db161474a396bbe03bdce503403eThe Joomla Joomdle component versions 0.24 and below suffer from a remote SQL injection vulnerability.
18a11204fa4c7562f0e132f72db346d6c0c2ffd7e0b5fecb25a342472d28929aThe Joomla ITArmory component versions 0.1.4 and below suffer from a remote SQL injection vulnerability.
25eaa7e9ae09769f184b27863ed884dc9580e39d93ea900ac1f38515884cb529Joomla Ozio Gallery suffers from a remote SQL injection vulnerability.
16e938780e8a05708d0545e656f2a7cb8f3aa64d4f345e9ed3ba31cecfd73c26AKY Blog suffers from a remote SQL injection vulnerability.
c3a762b0e66ad9d02464352076649c078bb846a6e7935d488f9cc7243ebbb179Open Realty versions 2.x and 3.x suffer from a cross site scripting vulnerability.
4edffd92873f6d0432b445dc3aee21e798f34b7ee06ac97855d237da9d1a53acsNews version 1.7 suffers from a remote SQL injection vulnerability.
8329c73e296f2263dee0d22900f0090b71d972823e0815a6ee378817958895c5DM Filemanager version 3.9.11 suffers from a remote shell upload vulnerability.
904489762eb37640de806a4fd5670e130094b0a27d057968fbc176b572dcc444vBulletin version 3.8.6 suffers from an information disclosure vulnerability in faq.php.
108c236ac3fab0c324e45083ac23839cfa7fc8d0ead4c2c1bd6c28cd0e132ebbValidForm Builder Script suffers from a remote command execution vulnerability.
75f6e57e5d860b0e0dccba8af1959d7e6c2335c705a1ab05b97365e2d1b06193Media Player Classic - Home Cinema suffers from a heap overflow that allows for denial of service.
30e227492e64f775662af66505e9dcafe5e3d54f6030b593accb7af46202fe3dIt has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double clicks on such an attachment or message, Outlook will proceed to execute the file that is set by the path name value. These files can be local files, but also file stored remotely for example on a file share. Exploitation is limited by the fact that its is not possible for attackers to supply command line options.
ab93992908b391872063eb727124195509f9b1f508ffa2326a5648dea3d63372It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double clicks on such an attachment or message, Outlook will proceed to execute the file that is set by the path name value. These files can be local files, but also file stored remotely for example on a file share. Exploitation is limited by the fact that its is not possible for attackers to supply command line options.
374645d7192e9108d3159d89b407cc6d190d245e40fe2cd224e4b6852b6629ecThis Metasploit module exploits a stack buffer overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains escaped octal strings. This Metasploit module is capable of bypassing NX/DEP protection on Windows 2003 SP1/SP2. This Metasploit module exploits the RPC service using the \\\\DNSSERVER pipe available via SMB. This pipe requires a valid user account to access, so the SMBUSER and SMBPASS options must be specified.
e9b0527ebdd2cf04d5a8b77d31a915ef02a016adafac8d7e3310e2c2e5502c34This Metasploit module exploits a stack buffer overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains escaped octal strings. This Metasploit module is capable of bypassing NX/DEP protection on Windows 2003 SP1/SP2.
9b7e6f209365505dfcd113a948db7bfb7bbb370bb024a1d2ca6fb2feabc1c1cf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed