Ruubik CMS version 1.0.3 suffers from a cross site scripting vulnerability.
f82278e6284eff50960b4f1409360b91c94cee406b915d5a427c686339107d6a
GetSimple CMS version 2.01 suffers from a cross site scripting vulnerability.
d9c731db83edbf304c2df40653c0adf7bd6973d87f5f54af5cd916b844e14423
Razor CMS version 1.0 stable suffers from a cross site scripting vulnerability.
d00191add5e6aa3226a945fc2f4e61d704367c5235544a64c0668480cf382e80
360 Web Manager version 3.0 suffers from a cross site scripting vulnerability.
a9665a1c7c2b5279d7bb3229fc822c058358363bf52fb99f04db4263dd9ea0b6
This Metasploit module will execute an arbitrary payload on a Microsoft IIS installation that is vulnerable to the CGI double-decode vulnerability of 2001. NOTE: This Metasploit module will leave a Metasploit payload in the IIS scripts directory.
641ff99aa7811add9ad4dcc768fb2145b5eaa76f8f0c9f211e656f570bea2703
Secunia Security Advisory - Ubuntu has issued an update for glibc and eglibc. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system.
e6d2c857318f5381c4a650765a9806f63517571e33404493427bef61e80f2c57
Secunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, where one has unknown impacts and the others can be exploited by malicious people to manipulate certain data or cause a DoS (Denial of Service).
c7e329acb67fffd4a0e166c0a11c3dbec8964bd58e59a80cb6097c0891164842
Secunia Security Advisory - Fedora has issued an update for cacti. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
8b00fc8efbea4526b50dda19c6037803cf75bcd16315f3c2ffb59504e010c154
Secunia Security Advisory - Fedora has issued an update for html2ps. This fixes a security issue, which potentially can be exploited by malicious people to disclose sensitive information.
cae33aae581de1e8cd2d8a20cb715972a1fdc5b711c180cdf105a3ec22e5c943
Secunia Security Advisory - HP has acknowledged multiple vulnerabilities in HP Business Availability Center, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and cross-site request forgery attacks, and potentially cause a DoS (Denial of Service).
538a765f61842a4f4c47b7017130989daf1079b43cb7786f83d5d866a937b165
Secunia Security Advisory - Some vulnerabilities have been reported in Python, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
87d63086d4bf8081e97fd15906f22e47d92163532cfb75a90be8358624699a79
Secunia Security Advisory - A vulnerability has been reported in IBM Communications Server for AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).
982c112b33f2f74a6384659be1997254e5037e7d14d017c47452b90dd3574b45
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in razorCMS, which can be exploited by malicious users to conduct script insertion attacks.
80ac8eec129a202e294d1f7c7aef02f635f9b6a2ff2b4be0f529873c6ea61a31
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to conduct spoofing attacks, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and potentially compromise a user's system.
9da9d333ce39b31e3dc60ba47ed0a21d6c22ba7df54fdc8e4028a80ab2dcdea4
Secunia Security Advisory - A vulnerability has been reported in HP TestDirector for Quality Center, which can be exploited by malicious people to bypass certain security restrictions.
a00ab8e905af586f38af9361602f3c714ee73dd8460af925795305200b31eef1
Secunia Security Advisory - epixoip has reported some vulnerabilities in Specialized Data Systems Parent Connect, which can be exploited by malicious people to conduct SQL injection attacks.
203bcdb7687a481046f81cfa313bf10c583b80944b6a926a18325e44a17c6f48
Secunia Security Advisory - Giamo Casanunda has discovered a vulnerability in CuteSITE CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
9a2a721c28ac6a5f2c6d374d26d27105d5179359d1b9701e15420baaf4bbf7e5
106 bytes small Linux/x86 disable randomize stack address shellcode.
35d8630bd9123b26df4c95ebc2cc73d88c99017d32b061a3890cd84779c2f483
Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.
3912a2ecbd425f205230279f33dba703af4f372c3f17130c8ea1d9cf79a904f4
Mandriva Linux Security Advisory 2010-107 - The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflowed, which could be exploited by an authenticated user to inject malicious code. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues.
c4e7a351b4df255c2bcd254f120217884009c882c3d662a9f87f93f5cefee126
Design by Web5000 suffers from a remote SQL injection vulnerability.
87444cbc402a3bfc34a4f917e23d240e33168d03ea09bd1fdac2e9e423797ae1
Flock Web Browser version 2.5.6 remote memory corruption denial of service crash exploit.
7ef197701ddf5fce834d394de1ef5458520ee5509fb092bec9ad82205c220504
Open and Compact FTP Server version 1.2 universal pre-auth denial of service exploit.
684440a1375687cbbed6a34317a123196df83653b157c3498e09d81c91f2b0de
Webit CMS suffers from a remote SQL injection vulnerability.
81cdf9b8a8262be39c1200d2a74f6b3636c9d212bb5d1e62126345f3735f0187
Webby Webserver version 1.01 suffers from a buffer overflow vulnerability.
c1efddb1b13c33f48bca2724a4a2cd55dd316b60fd3c13ef1e71beab2ce48b4e