The Viennabux Beta Forum suffers from a remote SQL injection vulnerability.
e540fdcd5be2ea45f606c8cc7d936b1647d5f5a9d19b973ba09089559e39fed5Zero Day Initiative Advisory 10-068 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the parsing of H.263 media files. The code within QuickTime trusts various values from MDAT structures and uses them during operations on heap memory. By crafting specific values the corruption can be leveraged to execute remote code under the context of the user running the application.
ff87f0b26a673d319e600b186a8ab9c778917315979b78c1fb05587dbfae27d6The Joomla PCChess component versions prior to 0.9 suffer from a local file inclusion vulnerability.
c7ce7f2ea18d5e75b3ef1bbc86a7714c352f0caf4f67737b9291f5a04df82aeaGNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
f59d87763e9db45caceb9a81acdbaa71e476db669b7f82bf9f01b1b7b151205eJAVA Web Start suffers from an arbitrary command-line injection vulnerability.
f56c7424142422fcf7bb61a39fbdea3fc49a395ed67cfe06093c8317279d4aa9The Joomla PowerMail Pro component version 1.5.3 suffers from a local file inclusion vulnerability.
edbd253f344e30da8f38d2170e1114abb0b59cf712f3c6103052837372e9e2eeSecunia Research has discovered a vulnerability in Pulse CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. upload or delete image files and create blocks if a logged-in user visits a malicious web site. Pulse CMS basic versions 1.2.2 and 1.2.3 are affected.
6125e265cda0af2a8650aa059c2134fa2d781fb01d61df0b1eb67fb15ee25a7fSecunia Research has discovered a vulnerability in Pulse CMS, which can be exploited by malicious users to compromise a vulnerable system. An error in the validation of uploaded image files can be exploited to upload files with an arbitrary extension to a folder within the web root. This can be exploited to upload and execute arbitrary PHP code. Successful exploitation requires authentication. Pulse CMS basic versions 1.2.2 and 1.2.3 are affected.
7d348c77d45817a884d675117e36f8fbe660f2d54052eb709596734c4376654djEdit suffers from a local file inclusion vulnerability.
668e842d6db8d6eb090a39b64fcd5e903de7d457415c4a10baf7c5f3d2a55b3eUbuntu Security Notice 624-2 - USN-624-1 fixed a vulnerability in PCRE. This update provides the corresponding update for Erlang. Original advisory details: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.
32e5186625d26202f52e2952207fd8481b1948c4cb6d686bf772c7fe10544a69Secunia Security Advisory - A vulnerability has been reported in TYPO3, which can be exploited by malicious people to compromise a vulnerable system.
f0ab677611845cc6b3a2f8d0fd11fc1d27a09e220c7f791cd6b2de2b835047f7Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Pulse CMS, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.
2f503849f4aeb811b8687b0124003c452e8596127fc4cf5baad3b8232ee10929The Joomla Articles component suffers from a remote SQL injection vulnerability.
f5c7da3fdd1c8caa2a8e26196c1f7c2401aa3a5cf77197ad472aa81d1ea88fb7Ubuntu Security Notice 926-1 - It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file to evade malware detection and also cause a denial of service via application crash.
bdedf8634cb8edf0df0ba61650028490bf0cd0b7468ef9ce93cc68908675ca6bThe Joomla Foobla Suggestions component version 1.5.1.2 suffers from a local file inclusion vulnerability.
a8f389fc35a827331ebb7a125159d4863f3ea66ffdc4fd76fb7daa6dda46e3e7The Joomla JA Voice component suffers from a local file inclusion vulnerability.
fe60e77ced3250cdf0001979a57cce738aef992fe20b7ac4e2fabd0c36663ab5Whitepaper called Writing Custom Generic Encoders With No NULL Bytes.
961ab2dd35c50380d8685b24bc5062970f9488e153e789114754038f4330b3fbMiniature Java Web Server versions 1.71 and below suffer from path traversal and open redirect vulnerabilities.
e916687a880ef98db1b2fca0523dc68a4688d48c80e18564b119a7ecd5fd3ffeThe MKPortal Recommend module suffers from a cross site scripting vulnerability.
6b8b55cc933e2bc98e23b1bfc3e69ca44178e9c50677505d7682673de92bc942Kubeit CMS suffers from a remote SQL injection vulnerability.
53a1ed2e43f18ff544b4f41065893d2772773a65d7b8254f6f6d1926445325d8CompleteFTP version 3.3.0 remote memory consumption denial of service exploit.
92748ce1bda4e19d5c8f2238a5acb7305da6442aa3e1bf533bb393794067af50MITMProxy is an interactive, SSL-aware HTTP proxy that allows viewing, modification and replaying of requests.
3c27bce82ee0b9e7856fd7eb86e02050cc1d43711f1f662f02ce1eeb8abda9f6Ubuntu Security Notice 925-1 - It was discovered that MoinMoin did not properly sanitize its input when processing Despam actions, resulting in cross-site scripting (XSS) vulnerabilities. If a privileged wiki user were tricked into performing the Despam action on a page with a crafted title, a remote attacker could exploit this to execute JavaScript code. It was discovered that the TextCha protection in MoinMoin could be bypassed by submitting a crafted form request. This issue only affected Ubuntu 8.10.
82c35b721a3b693f76ae72c67ffad7a459b00ebe8aba7b8dda1b0607d89daf8fCMS SiteLogic suffers from a remote SQL injection vulnerability.
529fbaf588f35185575730785e5fb6df4d3f3cfbff9ff5dad71d83bbd15489bdThe Joomla Webee component version 2.0 suffers from a local file inclusion vulnerability.
d4e8759f29b507bedc1707f00bc1dfb06765419d66f1a0cc99e0f2f9634555f2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed