what you don't know can hurt you
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-04-18

Newscoop 3.5.3 XSS / RFI / SQL Injection
Posted Apr 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection, file inclusion
advisories | CVE-2012-1933, CVE-2012-1934, CVE-2012-1935
SHA-256 | 179c3d850b4f0b8c40cd0b860cffbc9bc791577cafe65803bd5036477ee78092
XOOPS 2.5.4 Cross Site Scripting
Posted Apr 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

XOOPS version 2.5.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-0984
SHA-256 | 128a2b4cd442c8b56300be601df8eac3e9f0f287fdd2cc683bdc79110222e0bf
HP Security Bulletin HPSBMU02766 SSRT100624
Posted Apr 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02766 SSRT100624 - A potential security vulnerability has been identified with HP Onboard Administrator (OA). The vulnerability could be exploited remotely resulting in a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2011-3192
SHA-256 | 2e9ccfbbee1de3ca1818aa7517b75f495f859618c8c98560ebcdeea64acb9a42
ownCloud 3.0.0 Cross Site Scripting
Posted Apr 18, 2012
Authored by Tobias Glemser

ownCloud version 3.0.0 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-2269, CVE-2012-2270
SHA-256 | dcb41a8d27105adce78fe22f673e0fa7b51d9f521221de638e38bba3db43a2cf
Fortune3 Cross Site Scripting
Posted Apr 18, 2012
Authored by Sony

Sites Powered By Fortune3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 13b1a08a268820de58b2725ef1215111f696ca00f5a8d60215057eb2ee139327
Drupal Gigya - Social Optimization 6.x Cross Site Scripting
Posted Apr 18, 2012
Authored by Marek Lyczba | Site drupal.org

Drupal Gigya - Social Optimization module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 5a648a49dcc4b4ce0da4b05ec58974c85fa9e0ade6360de5d89dc1e0ef413307
Drupal Commerce Reorder 7.x Cross Site Request Forgery
Posted Apr 18, 2012
Authored by Ivo Van Geertruyen | Site drupal.org

Drupal Commerce Reorder module version 7.x suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
SHA-256 | e864c23fc70ff39f1ecdb1cc5443132330a3c198903dbbc639d16efcfe4c0520
LibreOffice 3.5.2.2 Memory Corruption
Posted Apr 18, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.2.2 suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 9108e491be1d7df3025c505170e97f3e07e7d1652a9bd9606c234343e61301b5
Microsoft Internet Explorer VML Remote Code Execution
Posted Apr 18, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web
advisories | CVE-2012-0172
SHA-256 | b26b14f8e0513c5015cfa528b828f45892990e4d864673868941be4f05ba2bf9
ClubHACK Magazine Issue 27
Posted Apr 18, 2012
Authored by clubhack | Site chmag.in

ClubHACK Magazine Issue 27 - Topics covered include Sysinternals Suite, The Burning issue in Web Application, and more.

tags | web, magazine
SHA-256 | b1c13729bc8393992e2f2cfcc38228182f6593cc5ba472cb1b4dbcaa90fa8ff2
DocuWiki 2012/01/25 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 18, 2012
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

DocuWiki version 2012/01/25 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 65f9c5fa6df169096268a3322d42c2a804c57e0e191fa90806551a8ae0aba88b
HP Security Bulletin HPSBOV02765 SSRT100828
Posted Apr 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02765 SSRT100828 - A potential security vulnerability has been identified with HP OpenVMS. The vulnerability could be locally exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2012-0134
SHA-256 | 4d2a8d178068bf200f957f02c86e295bc0bbbaec2cb18e79402e8faeb9e3671b
CyberLink Power2Go Stack Buffer Overflow
Posted Apr 18, 2012
Authored by mr_me, modpr0be | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in CyberLink Power2Go version 8.x. The vulnerability is triggered when opening a malformed p2g file containing an overly long string in the 'name' attribute of the file element. This results in overwriting a structured exception handler record.

tags | exploit, overflow
advisories | OSVDB-70600
SHA-256 | 130e60095a57a3b069f09bfa02ddc5fe4743b86427ffcaf33f1f4cc77609b845
GSM SIM Editor 5.15 Buffer Overflow
Posted Apr 18, 2012
Authored by Ruben Alejandro | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in GSM SIM Editor 5.15. When opening a specially crafted .sms file in GSM SIM Editor a stack-based buffer overflow occurs which allows an attacker to execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | 451d9fa4a2e617e48ce85c48c985cb871ef37c17216ab0ee454a7063cff0d329
MS11-046 Proof Of Concept
Posted Apr 18, 2012
Authored by FB1H2S

This is a proof of concept exploit for the vulnerability documented in MS11-046 for the Microsoft Windows Ancillary Function Driver (AFD).

tags | exploit, proof of concept
systems | windows
SHA-256 | db03166f4056e42fe514f3a64ffbe8b1395886a9e9f58f55dbe8e7302af75e70
Secunia Security Advisory 43942
Posted Apr 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sow Ching Shiong has reported multiple vulnerabilities in Oracle iPlanet Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | fd3226bb75fbdca70ed8caa37778a575b3a9f45fb3b010f3b19a9c412f129c5b
Secunia Security Advisory 48840
Posted Apr 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ivano Binetti has reported a vulnerability in Sitecom WLM-2501 Wireless Modem Router 300N, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | c281578e7a42bdfd5e4a45774b36c15ba47c1372079325e32d799823eced520f
Secunia Security Advisory 48842
Posted Apr 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 6ca99f21fab513bcad9a1011f1390303bb4ae8272922f64890cea80449924394
Office 2008 SP0 RTF Pfragments MAC Exploit
Posted Apr 18, 2012
Authored by Abhishek Lyall

Microsoft Office 2008 SP0 RTF Pfragments exploit for the Mac.

tags | exploit
SHA-256 | b2f082bdc375ecd1d41a0063c2b3fb30dccf7a409ac8e7cacdabe327df682042
Gentoo Linux Security Advisory 201204-05
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-5 - A heap-based buffer overflow in SWFTools could result in the execution of arbitrary code. Versions less than or equal to 0.9.1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-1516
SHA-256 | c1d30fecff6a729c3d5e2176bdf9ce5f6844f54afe79d521a276355db5d14539
Gentoo Linux Security Advisory 201204-04
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-4 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. Versions less than 2.4.9 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144
SHA-256 | 02aa37b738a847bf31623fa9c69b35fba479601c27b4e8ed06de8136ba502917
Gentoo Linux Security Advisory 201204-08
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-8 - Two format string vulnerabilities have been found in the Perl DBD-Pg module, allowing a remote PostgreSQL servers to execute arbitrary code. Versions less than 2.19.0 are affected.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2012-1151
SHA-256 | bce5c31bb6b3eebc314508e6cb57e1a6a149a177ea49029bb3e039ea69959c01
Gentoo Linux Security Advisory 201204-07
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767, CVE-2012-0768, CVE-2012-0769, CVE-2012-0773
SHA-256 | bcf33f097735edaa2dba3ae55379f08e72c0e989bf92ca775ea579c3a0dded65
Gentoo Linux Security Advisory 201204-06
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-6 - Multiple vulnerabilities have been found in PolicyKit, the worst of which may allow a local attacker to gain root privileges. Versions less than 0.104-r1 are affected.

tags | advisory, local, root, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0750, CVE-2011-1485, CVE-2011-4945
SHA-256 | 93ec59cdcfdba7ed45654ae2b831916e2ac8a536165e68aeba2de09b35d935c7
Secunia Security Advisory 48831
Posted Apr 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle FLEXCUBE Universal Banking, which can be exploited by malicious users and malicious people to disclose sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 5bd40aa64b2bf551db915094391ad8930f6f1c1f3b81fac6274fde437e87f3d0
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close