the original cloud security
Showing 1 - 11 of 11 RSS Feed

Files from Dr. Marian Ventuneac

Email addressmarian.ventuneac at ul.ie
First Active2008-12-16
Last Active2011-11-30
ExpressionEngine 2.2.2 / CodeIgniter 2.0.3 Cross Site Scripting
Posted Nov 30, 2011
Authored by Dr. Marian Ventuneac

ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2011-4025
MD5 | 9efc5b60e039e81fa3c75461993a0340
Apache Struts 2 / XWork / WebWork Path Disclosure
Posted May 20, 2011
Authored by Dr. Marian Ventuneac

Apache Struts 2, XWork, and WebWork suffer from a java class path information disclosure vulnerability.

tags | advisory, java, info disclosure
advisories | CVE-2011-2088
MD5 | 7606f80c180a5321df31ec163f7a3d80
Apache Struts 2 Cross Site Scripting
Posted May 11, 2011
Authored by Dr. Marian Ventuneac

Apache Struts 2 framework before version 2.2.3 is vulnerable to reflected cross site scripting attacks when default XWork generated error messages are displayed.

tags | exploit, xss
advisories | CVE-2011-1772
MD5 | 93eded5516cc19b7d840340afd01379a
Google Message Security SaaS Cross Site Scripting
Posted Sep 16, 2010
Authored by Dr. Marian Ventuneac

Multiple persistent and reflected Cross-Site Scripting (XSS) vulnerabilities were identified in Security Console (Admin Console), Message Center Classic and Message Center II services of Google Message Security (powered by Postini).

tags | exploit, vulnerability, xss
MD5 | d787d35d1432d68b726179b34705a9f1
Google Message Security SaaS SQL Injection
Posted Sep 16, 2010
Authored by Dr. Marian Ventuneac

Google Message Center II service (build 6_24) was found vulnerable to SQL Injection attacks. When exploited by an attacker, the identified vulnerability could lead to Information Disclosure (map database structure, extract data from available tables), Denial of Service (consume server resources by injecting SQL heavy queries), etc.

tags | advisory, denial of service, sql injection, info disclosure
MD5 | 0405ab30aaf1c0df0d16152d0ec6e696
Proventia Network Mail Security System CRLF Injection
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.

tags | exploit, web, local
advisories | CVE-2010-0155
MD5 | b33fa31884cc24654eed0944f1b1330c
Proventia Network Mail Security System Insecure Direct Object Reference
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.

tags | exploit, web, local, file inclusion
advisories | CVE-2010-0154
MD5 | 3fc270ecdc1794cc8d007e37a8664b2d
Proventia Network Mail Security System Cross Site Scripting
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.

tags | exploit, web, local, trojan, vulnerability, info disclosure
advisories | CVE-2010-0152
MD5 | d000347eefac0631f9db2c32676ba011
Proventia Network Mail Security System Cross Site Request Forgery
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to XSRF attacks. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of appliance's settings, DoS attacks, etc.

tags | advisory, web, local, vulnerability
advisories | CVE-2010-0153
MD5 | a7c33ddbc980e9108cfed7c62030ef57
Barracuda Message Archiver
Posted Dec 16, 2008
Authored by Dr. Marian Ventuneac

The Barracuda Networks Message Archiver product is vulnerable to persistent and reflect cross site scripting attacks.

tags | exploit, xss
advisories | CVE-2008-0971
MD5 | 6973347777a16623bf5f6a82a2a5af4d
Barracuda Spam Firewall SQL Injection
Posted Dec 16, 2008
Authored by Dr. Marian Ventuneac

The Barracuda Networks Spam Firewall is vulnerable to various remote SQL injection attacks.

tags | exploit, remote, sql injection
advisories | CVE-2008-1094
MD5 | c37b32f840d330fe8820cbc93abdc714
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close