This Metasploit module exploits a stack overflow in the IntelliTamper. By sending an overly long string to the "defer" script, an attacker may be able to execute arbitrary code.
5a7d05045fcaafffeec567421bc387b0c5e71f7d8dcecd67bd46ed81f239decdSilverstripe versions 2.0.0 and below suffer from cross site request forgery and open redirection vulnerabilities.
eb0f2e3417170c205f93095759adca2dd6bec78f33179a5505e6f2b346f42bbfCback V3 Forum suffers from a cross site scripting vulnerability.
8cc083131d201157b999c2123ba97103dca60c4b269941fa38df5ca8e3269b1bPunBB version 1.3 suffers from a cross site scripting vulnerability.
9ba08958ade77133f99743cf593373818c13defc57dd8beb369e89142a8cf477Firefox version 3.6 XML parser memory corruption proof of concept denial of service exploit.
eb0a7ad498503a3611939f35f80c5578f533305e6f896349baf891be5945e96bDJ Legend local heap overflow proof of concept exploit that creates a malicious .m3u file.
e26821bbccd4031d72365b675884c1e9bf6b6b649d2be6b8f64119538d8fe412Mandriva Linux Security Advisory 2010-024 - The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
9a2edee2c3d8ab5cb21c2519e777260cebfb60a7a2d22e8e65420ebbd74e2d82The Joomla Mochigames component suffers from a remote SQL injection vulnerability.
69b9c17f24e1758b77ecb48088f8135cf4de2f96be0deee4a1589253f051176eInvision Power Board remote file disclosure exploit.
7d3e714ea9e17ebc9115221297cc2bd1e7dcf29f3a21b9e16349b82952a96e34The Joomla Casino component suffers from a remote SQL injection vulnerability.
a9bf198ac073f5dba837f6141226192531d7c4613f9d95a2fb966eac1f920211The Joomla JBPublishdownfp component suffers from a remote SQL injection vulnerability.
bccb13b594f19ef102f140635f9bbcb1424847ef6369b7999702bb0490e982bcComtrend ADSL router version CT-507IT suffers from a cross site scripting vulnerability.
bcbb5b0b0aeae386e658de40089ecb9de21b532e2e719d27b84fd7452dd4a1d6MP3 Tagger version 1.29 local denial of service proof of concept exploit that creates a malicious .m3u file.
2d612bc0b21ef813c12d5fe9c1418f22ad6a5eb5982da142c3910add56623ef4Whitepaper called OS Command Injection Vulnerabilities. Written in Turkish.
5c8583c0d3a4c09541e3e93d6f91f435d9b4999efa6d60804e83923577e94383vBulletin remote file disclosure exploit. Written in Python.
688263dae3a9c2dc03d5bd00336672388581d256857ff8777f9706483dcf48b3The Joomla JBDiary suffers from a remote blind SQL injection vulnerability.
f7e3d8cfe1ac0d40ee2cd3c51a4b7d2d9a28857e7cd00441ccdaebf541865a07OCSinventory-ng version 1.x suffers from cross site scripting and remote SQL injection vulnerabilities.
df43edcf1e89cefe033d2a8fb1206d01614d73151d22babbd61a0efafd3912b4Magic Portal version 2.1 suffers from a remote SQL injection vulnerability.
f08548221e1a05205db72f54e4967c8f359f76583214d4610b4ad826c3b77bd0Sonique2 version 2.0 Beta build 103 local denial of service proof of concept exploit.
be0fb56fc576a97498d6ea640645e7b55024dd70b2c035c2c7baf79e729f5532MCnews version 1.3 suffers from a remote SQL injection vulnerability.
b6336b348848309430f157ede26f091a2e963f47d78200ca8490430d12eb7e16The Joomla ContentBlogList component suffers from a remote SQL injection vulnerability.
ca684aa161b0de6be01d0eef6438a120538e6db6e5509b98afafb72da5ae23c6OpenDb version 1.5.0.4 suffers from multiple local file inclusion vulnerabilities.
186bda482af53913ac64d05678b986721cf7d333daedacfe06e14f8c7a77548cUbuntu Security Notice 1047-1 - It was discovered that AWStats did not correctly filter the LoadPlugin configuration option. A local attacker on a shared system could use this to inject arbitrary code into AWStats.
b9951f473de622dbf38e911df981e0bcf5401099fb393900dcbd09ae4fccdecdDebian Linux Security Advisory 2150-1 - It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access to the password database, he could decode the passwords stored in it.
397d1573fd312e4a091cd4ebc8abe61f5c20f758aa13662ab1f6320cddf44920
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed