Exploit the possiblities
Showing 1 - 25 of 52 RSS Feed

Files Date: 2012-04-27

MySQLDumper 1.24.4 LFI / XSS / CSRF / Code Execution / Traversal
Posted Apr 27, 2012
Authored by Akastep

MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion, csrf
MD5 | 568b012ba56a46dd489f0b6d555183ff
IPA-IAC.org Cross Site Scripting
Posted Apr 27, 2012
Authored by Atmon3r

IPA-IAC.org suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 399258e614d8d9680fc04cd21c88d067
ClamSAP Libraries 0.9.7.4
Posted Apr 27, 2012
Authored by Markus Strehle | Site clamsap.sourceforge.net

ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.

Changes: This release includes an adaption for ClamAV 0.97.4 and support for remote clamd scans.
tags | web, virus
systems | unix
MD5 | 5ce2549f0df4657a60f5a38d17254cab
Mandriva Linux Security Advisory 2012-066
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-066 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. Various other issues were also addressed.

tags | advisory, remote, code execution
systems | linux, mandriva
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
MD5 | 2ded3927a0b08285a7c5a07703752ec9
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
MD5 | 2c100e23d23700d3afbb62cee7820b04
HP Security Bulletin HPSBPV02754 SSRT100803 2
Posted Apr 27, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.

tags | advisory, trojan
advisories | CVE-2012-0133
MD5 | 4d95f4cfc66c0fa4f9c45feaf62536b8
eRealty Shop SQL Injection
Posted Apr 27, 2012
Authored by BHG Security Center

eRealty Shop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 124cbc28812b9cfb5f098236f63908fe
Mandriva Linux Security Advisory 2012-065
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validating of upload name leading to corrupted $_FILES indices. Various other issues have also been addressed.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php, sql injection
systems | linux, mandriva
advisories | CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172
MD5 | d970a7f09cf0264c29f9c880d7bb0874
Maxxweb CMS Cross Site Scripting
Posted Apr 27, 2012
Authored by Farbod Mahini

Maxxweb CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 761dccbf9cfa507935b359e89aababee
Uiga Personal Portal SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.

tags | exploit, remote, php, sql injection
MD5 | e59c9c4630ed5fbfefbc54cc2684ef83
Uiga FanClub SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Uiga FanClub suffers from a remote SQL injection vulnerability in index2.php.

tags | exploit, remote, php, sql injection
MD5 | e00972e95769968a93571b80baefac5a
theEZsite CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

theEZsite CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0cbe812f77b0274f93b0e1e102ded8fd
Source CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Source CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 828a7539bf9862345888c7a9781ba325
SirmaNET Web Design Cross Site Scripting / Local File Inclusion
Posted Apr 27, 2012
Authored by Farbod Mahini

SirmaNET Web Design suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, web, local, vulnerability, xss, file inclusion
MD5 | 2d24d0c4bef96360268603839416cdd5
Yemen Ecommerce Technology SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Yemen Ecommerce Technology suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7493fc5d4cb52585e54849d03375bf08
WTE CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

WTE CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b50f529e57f515020666a0d329925ad1
WebData CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

WebData CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4eee8c5da02808f1fedc834e56ebc99f
SKYUC! 3.2.1 Cross Site Scripting
Posted Apr 27, 2012
Authored by Farbod Mahini

SKYUC! version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a732ce27ebe8947bcc2c9962716cbf55
Pinnacle Pixel CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Pinnacle Pixel CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0761ae767e11130f18b66728eb923b4f
Joth CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Joth CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9d9329eb020c6f2c90218f0faa00d160
Ubuntu Security Notice USN-1430-1
Posted Apr 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-1 - Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, CVE-2012-0479, CVE-2011-1187, CVE-2011-3062, CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2012-0479
MD5 | 2a7fe7717fc5dd39f817e9f1e0686515
Ubuntu Security Notice USN-1430-2
Posted Apr 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-2 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, CVE-2012-0479
MD5 | 092b59f748426ab4a4493e9c170da542
IrIran Shopping Script Blind SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

IrIran Shopping Script suffers from a remote blind SQL injection vulnerability in product.php.

tags | exploit, remote, php, sql injection
MD5 | 2a516164a47273d9d1bed4c821e4142c
Gold Coast Web Design SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

Gold Coast Web Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | fb8d09c37a12de344b149f15a62c57d0
GO Infoteam Solution CMS SQL Injection
Posted Apr 27, 2012
Authored by Farbod Mahini

GO Infoteam Solution CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f6f8008e124cbab36d24df41dc2f3ed0
Page 1 of 3
Back123Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close