Star Articles version 6.0 suffers from a remote blind SQL injection vulnerability.
a0adcb9d91aa8c1237af063e0d60406dd2257ceccd03441e0444e716c3165538Post Affiliate Pro version 3 suffers from a blind SQL injection vulnerability in index.php.
a86bd739cc6e10a746c4580dbe002c93dc27a866189c8b4ecc5077aab0a3cf23Chipmunk Guestbook suffers from cross site scripting and SQL injection vulnerabilities.
a276e86bf46656839b38c01774b863884e01fa79f105f97284225e2d2a3c59ccChipmunk Directory suffers from cross site scripting and SQL injection vulnerabilities.
75a8f70f132fb0b95a804223ed32dec307df92eb528f18bc73fd8170f7db57daChipmunk Topsites suffers from cross site scripting and SQL injection vulnerabilities.
4ae68170a1dc25712986b26ce42e22e7c3e0dd1019ceece872cedc96687893f6Chipmunk Blog suffers from cross site scripting vulnerabilities.
105b23e18efaf2df53fd7bb4f4a89387498bc829d855859f1537ae43859e95ffChipmunk Board suffers from cross site scripting and SQL injection vulnerabilities.
91c82421642617ac2cac2f589d2fa1c18fd06f5a96ed9ff28c977d2aeeca4d8aParsBlogger suffers from a remote SQL injection vulnerability in blog.asp.
4eff18247b9abc6505b2a9c0cf0cf1106ef664478f9feeee3205354b205c8e98CMS Ortus versions 1.13 and below suffer from a remote SQL injection vulnerability.
a396a159b55b1ddf15c23bb9aa6c94693551b633f0143eca70759aba618ecaa5Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
1aec7fecff375958d067aceeb9782d3ff0be7c13bed0eecf6240fb089f8d268cNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
df87a29a9da4aa20b8fc277fbdf009f20d20d8332d10a64317067a8834645835WebStudio CMS suffers from a remote blind SQL injection vulnerability.
e5b53fe802aedd5b49a8546f15bda2cdaab643815c5284e58252c93152db55c5Jamit Job Board version 3.4.10 suffers from a remote blind SQL injection vulnerability.
203ca0b1651f107fe21515fd9cd38362c9fc5ca9657c3784b4028c10b6d25f12Video Girls BiZ suffers from a blind SQL injection vulnerability in view_snaps.php.
7149016f0b143236e4926706ba50f79e0b746267e53dc7ee7d80b688e89af2c0Ubuntu Security Notice USN-678-1 - Martin von Gagern discovered that GnuTLS did not properly verify certificate chains when the last certificate in the chain was self-signed. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
539f7c707d1cb23af98c59af3f2135292874d0c88bb0f3a94232993f1d0dc46bUbuntu Security Notice USN-668-1 - Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on the user's computer. Jesse Ruderman discovered that Thunderbird did not properly guard locks on non-native objects. If a user had JavaScript enabled and were tricked into opening malicious web content, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges. Several problems were discovered in the browser, layout and JavaScript engines. If a user had JavaScript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. A flaw was discovered in Thunderbird's DOM constructing code. If a user were tricked into opening a malicious website while having JavaScript enabled, an attacker could cause the browser to crash and potentially execute arbitrary code with user privileges. It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening malicious web content, an attacker could execute JavaScript in the context of a different website. Chris Evans discovered that Thunderbird did not properly parse E4X documents, leading to quote characters in the namespace not being properly escaped. Boris Zbarsky discovered that Thunderbird did not properly process comments in forwarded in-line messages. If a user had JavaScript enabled and opened a malicious email, an attacker may be able to obtain information about the recipient.
93c13caf984544b75658e4212d7aaa699eb879c7bc04c2105c1fd518f47587d5LoveCMS version 1.6.2 Final with Download Manager version 1.0 suffers from an arbitrary file upload vulnerability.
1928d25e01c9f26f138934a23ca7901ffbd80001e00209b3d5df3e23770b8096WebStudio eCatalogue suffers from a blind SQL injection vulnerability.
0f5c25af1d59ef058082f3abb59ece840f8ddd7faf76efafc71e7e43b2dfb083WebStudio eHotel suffers from a blind SQL injection vulnerability.
60beafaad5702904f039dee6e995ba0df9ebc3fd84b380ce3ca504d65e3a3803Secunia Security Advisory - cOndemned has discovered a vulnerability in the Download Manager module for LoveCMS, which can be exploited by malicious people to compromise a vulnerable system.
54136402fd8a3e34a9704445ca92f79c65ee1e3803bcd796a0adc8bd4bc6c036Secunia Security Advisory - Alfons Luja has discovered a vulnerability in Fuzzylime CMS, which can be exploited by malicious people to disclose sensitive information.
146ca3c25988f98760a06357af3ac20f44a384ce27869f295559adc364c4df75Secunia Security Advisory - Hussin X has reported a vulnerability in WebStudio eHotel, which can be exploited by malicious people to conduct SQL injection attacks.
eed4b25e7547f37f05cdafcd17fe216a308515d29a569348d813fed654926557Secunia Security Advisory - Hussin X has reported a vulnerability in WebStudio eCatalogue, which can be exploited by malicious people to conduct SQL injection attacks.
1462964eccd219ca43ada8e587aaced4e01362b46681b0d8d01ed0584a853d53Secunia Security Advisory - Cyber-Zone has reported a vulnerability in Video Girls BiZ, which can be exploited by malicious people to conduct SQL injection attacks.
e71027f9a0963f9d8067a0e1ac4082ed76d79efd1d43c6e241d100b4144f13daSecunia Security Advisory - HP has acknowledged a vulnerability in Secure Web Server for Tru64 UNIX and Internet Express for Tru64 UNIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
67c6d0bc01e5a260f4af79b32a9440b40c0ace24219308666fd3e351d77eedfa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed