The Journal module in PHP-Nuke 7.9 and prior suffers from SQL injection in search.php. POC exploit included that grabs the password hash of the first admin.
40ad3ad70a9f57b3cc49988097b061fa80de6c8711bc229ffddc02499ec38ffbMDCrack is a free, feature filled password cracker designed to bruteforce several commonly used hash algorithms at a very aggressive speed rate. It can retrieve any password made of up to 8 characters (16 for PIX algorithms) and 55 characters when salted. In order to achieve the highest possible speed rate, this program uses several cores for each algorithm it supports. Each one of these cores provides a different level of optimization designed to best fit with a specific set of command line options. Whatever command line configuration is used, MDCrack will always arrange to use the best available core. To date, this program supports bruteforce attacks on MD2, MD4, MD5, NTLMv1 and PIX (enable and users) hashes, the list of algorithms is growing up. Multithreading allows for parallel cracking and load sharing between several CPUs and multiplies overall speed by the number of available processor(s).
9593af74b8a11d0e64180ad1fb001d350707f3825c6d32f9b31644937f17766cGotfault Security - Advisory #05 - 27/10/06: Mozilla Firefox versions 1.5.0.7 and below and 2.0 are vulnerable to a DoS condition within its javascript Range object. In a special condition, a NULL Pointer Deference occurs and Firefox crashes.
a61a61829061ed72e42ab783fce63df6af4daca196bb1f319626d1aa50817666[ECHO_ADV_53$2006] QnECMS 2.5.6 and prior suffers from a remote file inclusion vulnerability. POC included.
733ebb8377a50199e69b9da0cbb6f3654743bc36eaff2716480b508480449189PHPEasyData Pro 2.2.1 suffers from a SQL injection vulnerability in index.php.
93957c683fe4d2f5ebd9d040aeaf2dd43dd14767ca78db7d857e54026040c2dfPHPEasyData Pro 1.4.1 suffers from a SQL injection vulnerability in index.php.
7380b97e1b8b001231a50ed112fa550ac5c19bd85582448e13982906fdb18d4cSimple Website Software v0.99 suffers from a remote file inclusion vulnerability in common.php.
1ac885848dfa405c74f37210d6b6fd713968106daf5c996bda618fa5a8c068eb[MajorSecurity Advisory #29]: foresite CMS - Cross Site Scripting Issue.
8591278f8bbfc8be498a8207e57066ecce64c04c52e794b04cb177d5929572a8easy notes manager (eNM) version 0.0.1 is affected by multiple SQL injection issues. POC included that demonstrates how to bypass authentication.
8bf434113a79d20b0e13eca016af6e6321a692aac41cb63c7a6ec3adf04d23fdfreenews suffers from a remote file inclusion vulnerability in aff_news.php.
43180f66f3412167a1dc5c115a4e1389f16dc7f0e26ab1184101fa6574bcb5d8A SQL injection vulnerability has been found in the search.asp script of WebWizForum.
cead45ff35294fdd3b96eea233a7ef20ecfb57a70f0706f879b2c00a0b636710Remote exploit for Exporia versions 0.3.0 and prior remote file inclusion vulnerability.
183b507d646cee848ada27494f71e8282579022ef9d72ed92d35c5a851a4805bCentiPaid 1.4.3 suffers from a remote file inclusion vulnerability in centipaid_class.php.
74d04a6ebac9eedda8901b1302fce530bf665d9a96f321d0f8f2c4de403ae812Ban v0.1 suffers from a remote file inclusion vulnerability in bannieres.php.
f4dbe3054fbd4c53680517920f642827a7a85b4bd4ac6cf747cacca5e3c388d7Thepeak File Upload v1.3 suffers from a vulnerability that allows anyone to download arbitrary files.
db1a83ee51bf4f34d0bc53cc287cb75b3dfe587fccc7457d086eb90ebb8b179cApplications which fail to provide their own filtering on top of the inbuilt .NET request filtering may be vulnerable to XSS attacks. Provided that a web application solely relies on .NET request filtering before echoing input back to the web browser, it is possible to inject scripting code and successfully launch XSS attacks by submitting a specially crafted request.
dd910ad2db757329a92d803219be35c477e9961683836178d55fca2a887cde87Hosting Controller 6.1 Hotfix less than or equal to 3.2 suffers from multiple vulnerabilities which can allow an unauthenticated user to delete sites and perform SQL injection attacks.
ffc11d2df863ea35c6e64a9f5a38fb2415ce40baf728e21b7e1e6c9cd529599bphpAdsNew 2.0.8 suffers from a file inclusion vulnerability in adlayer.php.
6dc84f0a6700e071f98a2299db48574c707a98487ad7357dce230185c4842dc9Secunia Security Advisory - Some vulnerabilities have been reported in Free File Hosting, which can be exploited by malicious people to compromise a vulnerable system.
c417f3b1403e655517cc03eadec6d6e8090e0a08c15c4b60a1fb71422e6e9226Secunia Security Advisory - ajann has reported a vulnerability in Techno Dreams Announcement, which can be exploited by malicious people to conduct SQL injection attacks.
7bc222043155d0bf4dd3e218da068579891041797baaa27eaffdf573b6d52a38Secunia Security Advisory - ajann has reported a vulnerability in Techno Dreams Guestbook, which can be exploited by malicious people to conduct SQL injection attacks.
113e49308775559397c4fb2c8dff44469c9df684ebdca1ccf88d9ecb2a9409deSecunia Security Advisory - Greg Linares has discovered some vulnerabilities in Easy File Sharing Web Server, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information.
c6e2c16cfa4a83180b50f49bc2a4d9cb918c90863de86047c096a0f9871232f7Secunia Security Advisory - Mandriva has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
0b5942cd94bfebea643930aa51b9cacbfb1c932ac7b938c12e97b0872a2f5456Secunia Security Advisory - Mandriva has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
9179cfbbcd8baad686d3eb81777e2aad92e506232be6e0a5ef93dc036327525eSecunia Security Advisory - Some vulnerabilities have been reported in various Informix Products, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
4474f9ffc116a320d92cc32a4f2f6260e9810704359684cdce62c387cef3b01e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed