Jasmine CMS version 1.0 SQL injection and remote code execution exploit.
07fd84c504ba9ef31b7ee61355b21a2ed90c49e111f3f274c0add331555c58d8
MiniBill version 1.2.5 suffers from a remote file inclusion vulnerability in run_billing.php.
474f3766765762c9a7a9ccfd2748616e12d51e852b804cbaa5d792606070e5ee
Solar Empire versions 2.9.1.1 and below blind SQL injection and hash retrieval exploit.
5fc0ba250cada89b50bbdf2917ebb50b75cf1a9415a6be0b84099e72d552970a
MiniBB version 2.0.5 local file inclusion exploit.
84a3770e4b1a2c8e8e1ecb284cb3d4115f3ff02a14739544654bc4cc883701a4
YourFreeScreamer version 1.0 suffers from a remote file inclusion vulnerability.
7229cd86b3f1c419c56a46bcf0a792a0335eb626bd17d5c6452273fa308e7f21
phpMyInventory version 2.8 suffers from a remote file inclusion vulnerability in global.inc.php.
3a13280f3a30004485abd8c7cb75aeb8385bd5eaaa3c9efa15e7da27c4f76d14
Simple Machines Forum (aka SMF) version 1.1.2 suffers from PHP injection and a weak CAPTCHA system. Exploit included to break the CAPTCHA.
804c1a0a8f9eac81a336292bc52e53b359f021e708e75f6bfbf33aa684e05734
Debian Security Advisory 1311-1 - It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statements, so-called "security definers", which could lead to SQL privilege escalation.
f08303e0be1766a41d362b7f6b57ab00c0283603b5318df656b3e21da5e27cd5
Utopia News Pro version 1.4.0 suffers from a cross site scripting vulnerability.
d44ae4310ef855d2f6a2512c581ae5743c5bae5757e51c7dc6de8af2e89f8899
WSportal version 1.0 suffers from a SQL injection vulnerability.
63b3914006fdc477bafedb2046b91a6c12a734ab99f02367d62371c9fa3e41ec
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
e5665aaef9dea1dbdd6c08e7f76453874a605f513f2c431e34a940104a886c8e
Debian Security Advisory 1310-1 - A vulnerability has been discovered in libexif, a library to parse EXIF files, which allows denial of service and possible execution of arbitrary code via malformed EXIF data.
967623ddb81a7982e09c9a0c4fed2f8f1ce6412d50236b450aacc4657b41fd37
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4.
e1a9acb96925546add3e1ce254a50bbc614252f074056a0ef5979608da50141f
Debian Security Advisory 1309-1 - It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statements, so-called "security definers", which could lead to SQL privilege escalation.
50aa9626cfa4730da2fe0ed5a11678a3a2a16dad9a652c32e07e8f4b9cd94973
Whitepaper discussing security implications with PostgreSQL when improperly configured.
394fde0a55e01e4ceacd902f672a2e8f17f90c73974cfcf7a60f272b62d35440
Safari version 3.0.1 for Windows appears to suffer from a denial of service condition in corefoundation.dll.
3eb10776e8d0480314e59dc2a8e510c996109a6b09fea84edeceb51250f9432f
Debian Security Advisory 1304-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
32a9a2f20377739a47fa7d5c7bff44f5ffa3ce0d0a0a58fdfd7b4b880621dba8
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4.
05c53ade90b873cf4bb988e7c07cf6d6684d8a3da90559b82317f62755e0aff3
phpListPro version 2.0.1 suffers from a cross site scripting flaw.
4ac08140ae3c4f00c6daf5b11559df1a45663acd0a1fd3b36d12bd4c45de1e95
Papoo Light CMS version 3.6 suffers from cross site scripting flaws.
e579f75a655d419fa11dd11b26f62c32799f3cbefdaed0aa31631736bd823045
Gentoo Linux Security Advisory GLSA 200706-05 - ClamAV contains several vulnerabilities leading to a Denial of Service. Versions less than 0.90.3 are affected.
b4e345fa075f4c567e32596985e2cd9f416f9aef985602312552f6b5d244db90
Call For Papers for Breakpoint Security's first event being held in downtown Monterrey, Nuevo Leon, Mexico from November 17th through the 18th.
d7786dfa721cc722d1926c589272515ddd37a16c7bc86d0320b8b0b9f9736257