exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Andreas Sandblad

Email addressas at secunia.com
First Active2004-02-03
Last Active2006-11-18
secunia-panda.txt
Posted Nov 18, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered two vulnerabilities and a weakness in Panda ActiveScan version 5.53.00, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a user's system.

tags | advisory, denial of service, vulnerability
SHA-256 | 70227b6f2cc310218fac2ae9e81c5d58bbd5500f893213d04e068eff7fce0cdc
secunia-deluxebb.txt
Posted Jun 21, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered some vulnerabilities in DeluxeBB version 1.06, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

tags | exploit, vulnerability, sql injection
advisories | CVE-2006-2914, CVE-2006-2915
SHA-256 | dabd3850dcb181b78f640f41286930158f735aa2641bb4e983e057e7c47f4b6b
secunia-cmsMundo.txt
Posted Jun 21, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered two vulnerabilities in CMS Mundo version 1.0 build 007, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
advisories | CVE-2006-2911, CVE-2006-2931
SHA-256 | c01cb438a40a860be28eb49b660964a6dcff479b929e888513af815a54a05093
secunia-mybb.txt
Posted Jun 15, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered a vulnerability in MyBB, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the username field when registering is not properly sanitized before being used in a "preg_replace" call with the "e" modifier in the "domecode()" function in inc/functions_post.php. This can be exploited to execute arbitrary PHP code by first registering with a specially crafted username and then previewing a post containing the "/slap" string. The vulnerability has been confirmed in version 1.1.2. Prior versions may also be affected.

tags | advisory, arbitrary, php
advisories | CVE-2006-2908
SHA-256 | c59306225b180770f26b6156627ae47fc1bec7b713c1aec00ae29f93c21adac2
secunia-SelectaPix.txt
Posted Jun 12, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered some vulnerabilities in SelectaPix version 1.31, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 93e653e7eea27cd305721490efe229af9bb3c11026f732cfdc7bd444fe7daa41
secunia-ADOdb.txt
Posted Jan 10, 2006
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered two security issues in ADOdb, which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, and potentially compromise a vulnerable system. Details provided. ADOdb versions 4.66 and 4.68 for PHP are affected.

tags | exploit, arbitrary, php
SHA-256 | a212b5763393fa5ec35a8dfe35d726cc4f7c2a8000c581074fd8516fbf88411b
secunia-IE.txt
Posted Dec 14, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Internet Explorer 6.0, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to a design error in the processing of keyboard shortcuts for certain security dialogs.

tags | advisory
advisories | CVE-2005-2829
SHA-256 | 8cbe12f30ecdf09218a3ea3684d7b349517dd89e19fcae3c26d49df76d3c246e
secunia-ATutor.txt
Posted Oct 30, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerabilities have been confirmed in version 1.5.1-pl1. Other versions may also be affected.

tags | exploit, vulnerability, xss
SHA-256 | ea4981890b687d4caff07c6b7157202c331ffe371d5cb42efe41a196ad0226d2
secunia-Mantis.txt
Posted Oct 27, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered a vulnerability in Mantis, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the t_core_path parameter in bug_sponsorship_list_view_inc.php is not properly verified before it used to include files. This can be exploited to include arbitrary files from external and local resources. Affected versions: Mantis 0.19.2 and 1.0.0rc2. Other versions may also be affected.

tags | exploit, arbitrary, local, php
SHA-256 | 9bffa4eac73d1c9558283150c0455ab3a80cf530a7ad18fdfa75a7a20f03f5d7
secunia-phpfusion.txt
Posted Oct 7, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research has discovered two vulnerabilities in PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks. Version below 6.00.110 are affected.

tags | advisory, php, vulnerability, sql injection
SHA-256 | f9c204d96d4414417c87801e9766a44a5edd45b03eb95dd55b165f028e2cdc4f
secres18022005-1.txt
Posted Feb 25, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research Advisory - Secunia Research has discovered a vulnerability in Yahoo! Messenger, which can be exploited by malicious people to trick users into executing malicious files.

tags | advisory
advisories | CVE-2005-0243
SHA-256 | 513774c469defad1cd93cfb1ccb109ae36b76b727993df1dca8cea05c194fcad
secres09022005-2.txt
Posted Feb 23, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research Advisory - Secunia Research has discovered multiple vulnerabilities in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions and compromise a user's system. The vulnerability is caused due to insufficient validation of drag and drop events from the Internet zone to local resources for valid images containing script code.

tags | advisory, local, vulnerability
advisories | CVE-2005-0053
SHA-256 | 2eee21ac49aa560258b69dd6762e4286626ce13abb43d92f80b9357c13e36ac2
secres09022005-1.txt
Posted Feb 23, 2005
Authored by Andreas Sandblad | Site secunia.com

Secunia Research Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error in the javascript function createControlRange(). This can be exploited by e.g. a malicious website to cause a heap memory corruption situation where the program flow is redirected to the heap. Successful exploitation allows execution of arbitrary code.

tags | advisory, arbitrary, javascript
advisories | CVE-2005-0055
SHA-256 | e83fb11602b47295a7788c8bcfa19e0e7589f43c11094461b867690119fb22f7
Secunia Security Advisory 11070
Posted Feb 23, 2005
Authored by Secunia, Andreas Sandblad | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a weakness in Sun Java Plugin, allowing malicious web sites to write arbitrary content to a file with a predictable name. The weakness has been confirmed in version 1.5.0 (build 1.5.0_01-b08). Other versions may also be affected.

tags | advisory, java, web, arbitrary
SHA-256 | 8ac5907e09fa5b9dd46bb903505f7837bf71e510eb6eeaa7181394353c2b6742
sandblad13.txt
Posted Feb 25, 2004
Authored by Andreas Sandblad

Using the mozilla browser, while linking to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any javascript events fired will be invoked in the context of the new page, making cross site scripting possible if the pages belong to different domains.

tags | advisory, javascript, xss
SHA-256 | 8a39c48fd07d754c3d4be6f69961bdef39e4b016dba987bf15576e212c7df063
JSinject.txt
Posted Feb 3, 2004
Authored by Andreas Sandblad

There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.

tags | exploit, arbitrary, local, javascript
SHA-256 | e01b9463a639085838e90199fac938b440e307d2558b62b00d81aa347385b6ed
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close