Ad Manager Pro version 4 suffers from a local file inclusion vulnerability.
e3132a129e14dfce6cc2c611ec903aa79fc4e37033ab283a599a78581d7a08de
LetoDMS version 3.3.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
cc686fb290023aab67729a888697ad6f9f571447f91ee8c435efc2afc092c18c
Snagit version 11.0.1 build 93 suffers from a DLL hijacking vulnerability.
16b09cd499bd9fd97ead91bc50d2c3d9bf3d58a8fa4b5def003e90ab02cdfc7e
Adobe Pixel Bender Toolkit2 version 11.0.422584 suffers from a DLL hijacking vulnerability.
12daacd8112519e870d3653d89f3be93620660d3bc4db6904ec7e996c5a5d6ae
Foxit Reader version 5.3.1.0606 suffers from a DLL hijacking vulnerability.
c85b0765d2b2902e1401814916c29896723fc5742cd70eacb7c4bf0d88c582e0
Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in Monstra CMS, which can be exploited by malicious users to conduct script insertion attacks.
8c99ca9cb5e2f646d98df968102fe0021af71b072c8b0106eb080d5dacb3dce3
Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in SiNG CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
f9913dc1090ac164558aea9b01931d3af66d72e73673709bd255af0eb8e302cc
Secunia Security Advisory - Debian has issued an update for libapache2-mod-rpaf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the module.
377baa3eb315086675a963b7f17769d21153011fc6150dba2415ff7722016f34
Secunia Security Advisory - Some vulnerabilities have been reported in Ipswitch WhatsUp Gold, which can be exploited by malicious people to conduct SQL injection attacks.
03e350efe31e3ba5362f5b9f538d24925893ded5aea50f3a755eac5017e6143a
Secunia Security Advisory - A vulnerability has been reported in VamCart, which can be exploited by malicious people to conduct cross-site request forgery attacks.
0d08790563db0d40bc8473c4aea9beccf9e86ba2dd89ceebbae906bcf3c21967
Secunia Security Advisory - A vulnerability has been reported in Mesa, which can be exploited by malicious people to compromise an application using the library.
7c914038782e8c2dde99d8b16d0c81e2701875f0d3dc227fd57db67c5ffe56a5
Secunia Security Advisory - A vulnerability has been reported in HP LoadRunner, which can be exploited by malicious people to compromise a vulnerable system.
e8236cca198030dba56b53cdb0ba1ec6fc0eeb9990dea761f2fc6db5a97ee256
Secunia Security Advisory - SUSE has issued an update for SUSE Manager. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data, conduct SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system and by malicious people to conduct HTTP response splitting attacks and compromise a vulnerable system.
83820c98867e932b06029cacc62ed9fe88505fe4beede6424f3d4fab74ac1d14
Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
ed36af2c9df62936b48b18942f2d3475271542d96290144465c30f130a71683f
Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks P4000 Virtual SAN Appliance Software, which can be exploited by malicious people to compromise a vulnerable system.
0f3495f54cf3bac0dff3472b1c86daf10dc107bd9af40f5f446bc0b5b23b60d5
Secunia Security Advisory - coolkaveh has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system.
0cea057569f3290ec4b28dad1064d6c58311465956eed7d9a41dfb363a554c37
Secunia Security Advisory - A vulnerability has been discovered in OpenDocMan, which can be exploited by malicious people to conduct cross-site request forgery attacks.
95845483a9d46c2f6b3db7da052bc814fa34ded47607ad33d825435b1da0e9f0
Secunia Security Advisory - Two vulnerabilities have been reported in HP Intelligent Management Center, which can be exploited by malicious people to compromise a vulnerable system.
fcc10f7d81da423cded34341268f36e47ae9bc2b5f4b9ad8def098974f1b2807
Zero Day Initiative Advisory 12-166 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the hydra component, which listens by default on 13841/tcp. The hydra daemon is responsible for remote management operations such as user creation, snapshots, etc. Insufficient authentication is performed prior to performing administrative level tasks. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.
ebd8aaa775cd9bb7488f743b842891dd03d78160d2b826c879bee4ac1a80836a
This Metasploit module exploits a command injection vulnerability found in E-Mail Security Virtual Appliance. This Metasploit module abuses the learn-msg.cgi file to execute arbitrary OS commands without authentication. This Metasploit module has been successfully tested on the ESVA_2057 appliance.
35a10b92773107d05af690f3a81504b9b0560cbd38a7ba0f7b3acd17dac63729
This Metasploit module exploits a file upload vulnerability found in XODA 0.4.5. Attackers can abuse the "upload" command in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution. The module has been tested successfully on XODA 0.4.5 and Ubuntu 10.04.
4946a84183062b1d9abffb6b439d5931f024409a5402b78aa7244159e2a59c5b
Zero Day Initiative Advisory 12-165 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Agent for NonStop Server. User interaction is required to exploit this vulnerability in that the target must check the status of an existing node on the network. The specific flaw exists within the ELinkService process, which listens on TCP ports 7771 and 8976 by default. The process performs insufficient bounds checking on user-supplied data within a HEALTH packet prior to copying it into a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.
82992fd6b39a99d2005a2de029763ce391ec0ae965ed26d99e51f2baae93dbaa
Zero Day Initiative Advisory 12-164 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the img.exe component, which listens by default on TCP port 8800. When handling message packets, the process performs arithmetic on unvalidated user-supplied values used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. By sending a specially crafted packet, an attacker can leverage this vulnerability to execute code under the context of the user.
976d02d40ee3ff9f4206db1e3fb0504e426cfd3f216867ea30fd9f0d006e7bf9
xt:Commerce VEYTON version 4.0.15 suffers from a stored cross site scripting vulnerability.
08c8e8a11902fb9b872d82a1af2e69daab378a1dfcdd896ad76c304ecf53238e
Monstra version 1.2.1 suffers from cross site scripting and HTML injection vulnerabilities.
a66092fdb607aa67e0feb81a2603defafc3a93caf5e02090e529ccb0f8f6b1ad