FAA US Academy suffers from a remote SQL injection vulnerability that allows for authentication bypass.
11a998cc55d43daa622f8c41368937c24f57cb2e70420eaa76da111430aa8e57eBank IT Online Banking suffers from a cross site scripting vulnerability.
1e8a7a724d53d4c2f53dfb9b5a9593f9967ae92ffc51eb1189ec4e785b6f5dd6The Joomla Visa component suffers from local file inclusion and remote SQL injection vulnerabilities.
d3118c6105e10b46918d16c4b6ee2c505680214a1ab0fc601485892d758a2cadDGC suffers from a remote SQL injection vulnerability.
db7ffb03ff9ab63dcbcc4373bf434d417892efaf1a84b13e2d55267701ad9094The Joomla Cmotour component suffers from a remote SQL injection vulnerability.
5f709e000675ce62f1a3c28acb68dd88990285bc0318584e8a1725a6322f5b0eNeda Rayaneh CMS suffers from a remote SQL injection vulnerability.
05cdd7a7f20e9b454f4600fff764faa007608f077258f49555391293049b6083TND Media CMS suffers from a remote SQL injection vulnerability.
84bdf61dec2ee7bdfe6581398a8a79f8491a299258b440d7dc81b0635d63a275This is an automatic SQL Injection tool called FatCat. It has features that help you to extract the database information, table information, and column information from a web application.
d6543e663214a8df0076f59ba3d72d5f35619b7a0177b40574cb7a4a1d03b007Silverstripe CMS suffers from a cross site scripting vulnerability in the page title module.
43021383dbfd91566ee035780291d677a45f4eada682c03ff73aaf7cde58d84cLifesystems suffers from a cross site scripting vulnerability.
6c39aa775a7a4f40ebab6a87c03cb6dbe7db98d09fb87fa7c695f7ac46f37036Motigo Forums/Calendar/Guestbook suffers from a cross site scripting vulnerability.
e074f30cd50bf25af3c1cf5be79c3b508a7b7422b79fe218e263c28eafd599afGitorious versions prior to 2.1.1 suffer from a remote command execution vulnerability.
6eaad22fe33effe3e4d1a3e355ffa9f4cb239465e6efdd17446f0304e8263e07This Metasploit module exploits a stack buffer overflow in HP Diagnostics Server magentservice.exe service. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. Originally found and posted by AbdulAziz Harir via ZDI.
c6a14560edab2b9d9defb11e36b12526fd6aaa6d5fa8fa8faa2534b45739ade1This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using Windows Media Player's ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation being higher than how much is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either "inc al" or "dec al" a byte. This can be used to corrupt an array (CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. At this time, for IE 8 target, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention). Note: Based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.
2fdc9c5c7f7d444b003b94e6d9ac9413e9711bc63c367b5bb555b0a3a0fecd1cAdaCore Security Advisory - All AWS releases and wavefronts prior to 2012-01-21 suffer from hash collision vulnerabilities.
7e3a1369a020e57b96e59b8b0b9529fdb0e3680525f1bd1d5292095b172b5eb3Studio Manolibera's listarivisteuk.php suffers from a remote SQL injection vulnerability.
28d2f1e146dd773e526708587175db0f5bfe66b4465bf4ec6d2d00fd23383036Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
e01594c855c297a66c7de4fb7f73f8b55125cb6a8f3033145120cc7efa3dfe97IBBY's nouvelles.php suffers from a remote SQL injection vulnerability.
c04b78989522c139651f6aa6c65f3d7460fff4e8d0dddf5d0eb5ed2ba7b110ea
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed