WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.
344eece8b692a4f6c7159ef0b264d1ceDivision 6 IT suffers from cross site scripting and remote SQL injection vulnerabilities.
e6aa49527836b842d72680951787521dHP Security Bulletin HPSBUX02777 SSRT100854 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote Denial of Service (DoS), unauthorized modification and disclosure of information. Revision 1 of this advisory.
c77f357038a39f2f2d6d68ed6ea6496eMandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
fa1ac8dbf0bf748076337278c27ec507Ubuntu Security Notice 1443-1 - It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain system state archive files to Launchpad when reporting bugs. This could possibly result in repository credentials being included in public bug reports. Various other issues were also addressed.
6a8efc42df765d42436eae37136a4b4bDebian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
5fad70b2d9815c03d3370ed9ff770604Secunia Security Advisory - A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious people to cause a DoS (Denial of Service) or disclose potentially sensitive information.
07ce8bf4ff716c0bcc1ade4a1d4f3f8bSecunia Security Advisory - A vulnerability has been reported in JIRA, which can be exploited by malicious users to cause a DoS (Denial of Service).
c8cb6ccb598a9918f706ba36d3bf960cSecunia Security Advisory - A vulnerability has been discovered in the Track That Stat plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
e64046c1d42665713b63548f0b00fa68Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, and compromise a user's system.
174c115e6c9ec8bd5137e44eb7fc3ce8Secunia Security Advisory - A vulnerability has been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to disclose potentially sensitive information.
317cf30faf1ee1027ad6b1236fc3ed11Secunia Security Advisory - Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
4558b72df0ae49fea007e92d2e031412Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).
7303f6b13cccca353732582e6bf61e91Secunia Security Advisory - Gentoo has issued an update for connman. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
52b311475cd6587eb1ff36f3ff2f7fd2Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.
31b1edf958cb1fdd3ecb267581b17155Secunia Security Advisory - A vulnerability has been reported in IBM Cognos Express, which can be exploited by malicious people to potentially compromise a vulnerable system.
067c7bcc1e1c0a098ad5c12d2e076c8bSecunia Security Advisory - Chokri B.A. has reported a vulnerability in GENU, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b977fecf0d091f2864b010b186861eb7Secunia Security Advisory - Ubuntu has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
3856b724224186b93afd8ae018a1f0f1Secunia Security Advisory - Debian has issued an update for gridengine. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
78bae4da48e007079862b235e2200554Secunia Security Advisory - Walied Assar has discovered a vulnerability in Resource Tuner, which can be exploited by malicious people to compromise a user's system.
b05ad9cfb8737f3c64285703958b5296Artiphp CMS version 5.5.0 suffers from a database backup disclosure vulnerability.
05194633dbe64cd33c6d2bc9a46c63acArtiphp CMS version 5.5.0 suffers from multiple POST cross site scripting vulnerabilities.
8418d0559d7c2fda632eee004ed490d7A review of the code in filter/source/msfilter msdffimp.cxx in OpenOffice.org versions 3.3 and 3.4 Beta revealed some unchecked memory allocations, which could be exploited via malformed Powerpoint graphics records ("escher") to cause bad_alloc exceptions. From this vulnerability a denial of service attack is possible.
f6d947efd4efd1f77c34bbe6c9eb9d3aDrupal Zen third party module version 6.x suffers from a cross site scripting vulnerability.
0e862634ab82d9ac29bc33de3d75665cSiliSoftware backupDB() version 1.2.7a suffers from a cross site scripting vulnerability.
fdd4f35a4a968373195090e4afe4af34
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed