Proof of concept crash exploit for Safari on iOS that leverage a denial of service vulnerability.
b7aed7d45d2d8c141f4d038fb1e6bb148bd5d8c687b4740e140f2b04997e86d9Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token. This affects all released versions as of 06/08/2012.
c9c7fa7be43cf530477727dcae683b3b6071776b83dccb3e1ab0dc315ec3a472Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side. Apache CXF versions 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.0 are affected.
9192946a363a63b454cdbfe47e3d089546ef6e6058eec8ac012d7080b7e47be8WordPress Front File Manager plugin version 0.1 suffers from a remote shell upload vulnerability.
25ed8e8b43835ced0555faedf7e4cdf42064f48711671212c46a0e026accc68fRIPS Scanner version 0.10 suffers from a remote file disclosure vulnerability.
a31a288429214fe9ebd246db2b1d9ce10fb74e38b5f385c987fc71f4da55ddedWordPress WP Easy Gallery plugin version 1.8 suffers from a remote shell upload vulnerability.
8708a0229d8e3a219d0453c71acd6c833c8bd82aad0dd4b8bc7581d531a0648cComSndFTP server version 1.3.7 Beta suffers from a format string denial of service vulnerability.
3dd29f6ba19c152cfdc941d25317dd129231fd8200a350bc6ba8338881502fa1Webspell FIRSTBORN Movie-Addon suffers from a remote blind SQL injection vulnerability.
d9e82b58d312f2415f6308b598bd904aa390f1d6d9e109699cf706f82bcfdb16vBulletin version 4.1.12 suffers from a MySQL information disclosure vulnerability.
7179a11916ac4740505cb246fc17137a5f1743347b7f111d00161bdb3083a05evBulletin version 4.1.12 suffers from a path disclosure vulnerability.
4342f777da9340e5145b9d82eb7888da7bbdec098172cfefa894b1410c414f9cWordPress wpStoreCart plugin versions 2.5.27 through 2.5.29 suffer from a remote shell upload vulnerability.
2879124f9e34b74a175df0aba3fe9bd4adeece2c2ded06294e0f3929f28853deWordPress Tinymce Thumbnail Gallery version 1.0.7 suffers from a remote file disclosure vulnerability.
f5e86fd51323af8040fcc35b62397d06624f004674602c26375f6cf0c584342bWordPress Thinkun Remind plugin version 1.1.3 suffers from a remote file disclosure vulnerability.
dc78d73b9fec5e126b95d77c6366f3aff416631c95901502bc5bcfece07cb249WordPress Simple Download Button Shortcode plugin version 1.0 suffers from a remote file disclosure vulnerability.
e4ea7bd25d10fdaf89c8e656cdfa5028c177aa91fd04a159e38b67fb23e04e98WordPress RBX Gallery plugin version 2.1 suffers from a remote shell upload vulnerability.
287b15a719958c8176a8962f821dd7400e22e7113b68033f37ddea0d68915157WordPress Newsletter plugin version 1.5 suffers from a remote file disclosure vulnerability.
09d7fab221f00944084c7fb1e89aef576fcffdfc40e8d842eea78f20e97f72cdCMS Wizard suffers from a remote SQL injection vulnerability.
52ed2fed6ce6b85786204c6fe3cef0f6ccfc46db20c8d2c40ab56d6bab8fba04WordPress Omni Secure Files plugin version 0.1.13 suffers from a remote shell upload vulnerability.
870655a0d4a76934c83f0c91fb1e0aab40e835fa9412dedeee75bc71821431e6WordPress Front End Upload plugin version 0.5.3 suffers from a remote shell upload vulnerability.
1aff8c8039a09929c3c1d5e827f3e25c269a49a9bb63ea872167497884ad7da3CiativaWeb suffers from a remote SQL injection vulnerability.
005aadf34edb6627e81b00cdf4a7dda90f10f10ef60a89ec43201b1e1fe83fcfSecunia Research has discovered two vulnerabilities in Network Instruments Observer, which can be exploited by malicious people to compromise a vulnerable system. A boundary error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing the community string can be exploited to cause a heap-based buffer overflow via a specially crafted SNMP datagram. An error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing an Object Identifier (OID) can be exploited to cause a heap-based buffer overflow via a specially crafted Trap PDU (0xA4) SNMP datagram sent to UDP port 162. Successful exploitation of the vulnerabilities allows execution of arbitrary code, but may require the attacker to enumerate or guess the SNMP port. Observer version 15.1 Build 0007.0000 is affected.
47406405f7fbbaf3904168e2444043931477814738fb138699f2f1cd927dab1dPHPNet versions 1.8 and below suffer from a remote SQL injection vulnerability in ler.php.
3b8d289681cbe40445b5a1f14631ea0e13b6be7bcf6259ab5074c75b58a6d152Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.
4b19996f632b90588e6f9fdda2fe95919af4b0bd7fa7dcf8b09165f3ad0b36c0WordPress Picturesurf Gallery plugin version 1.2 suffers from a remote shell upload vulnerability.
6e05d0d9a6fcd4eacb2522707f216641b70eeae29ca25fed8fe0d6d5f067f839WordPress PICA Photo Gallery plugin version 1.0 suffers from a remote file disclosure vulnerability.
ca9dd440e85c6f330d7e19bb85155495d7d6cb8e64317a02d87ba7ae8c134190
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed