Red Hat Security Advisory 2012-1301-01 - JBoss Enterprise Data Services Platform extends JBoss Enterprise SOA Platform to provide services for data virtualization, federation, and integration. This roll up patch serves as a cumulative upgrade for JBoss Enterprise Data Services Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the Teiid JDBC socket did not encrypt client log in messages by default. A man-in-the-middle attacker could use this flaw to obtain log in credentials and other JDBC traffic.
5dd870baa184f115de899028fb6ec2a0Ubuntu Security Notice 1576-1 - Sebastian Krahmer discovered that DBus incorrectly handled environment variables when running with elevated privileges. A local attacker could possibly exploit this flaw with a setuid binary and gain root privileges.
cb86b09af16c3fba0f63cfb9e4776837Apache CXF is vulnerable to SOAP Action spoofing attacks on Document Literal web services.
8b4f9d357259473c95e4ce65ade826f4AShop version 5.3.4 suffers from a cross site scripting vulnerability.
5fb9a9edfb35052380bd77b8d6215539Sites designed by Tariq Rauf suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
6a2d04e1dd4863c501e1e8cff174500dSites designed by NW7Design suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
191299ad4d6d57569f13533211e00207Sites designed by Jessica Rhaye Design suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.
97051a474b8d074c84ddb99767779cf1Sites created by Rocket Web Consulting suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
aba33201a3465cd1e23608fe98b235f0Manhali version 1.8 suffers from a local file inclusion vulnerability.
bda26c1892ad3e41ee3fe469d347da23Sites created by Olojin appear to suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
52b1c9bc9a44cef10688478078d3cbc0Secunia Security Advisory - A vulnerability has been reported in Apache CXF, which can be exploited by malicious people to bypass certain security restrictions.
252ec31709211b8eff78087087855304Secunia Security Advisory - A vulnerability has been reported in the PRH Search module for Drupal, which can be exploited by malicious people to conduct script insertion attacks.
cc7a202f7f9071282190ecc386454778Sites designed by cgCraft LLC suffers from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
1fdee860d763548634899ff147d98175Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities including code execution. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. Revision 2.0 of this advisory corrects an inadvertent omission in the original advisory, which failed to list that the fixes also address a vulnerability in Cisco Secure Desktop, described by CVE-2012-4655.
9e328cb53e5717f483862a1e9750b8ffThe administrative directory of Microcart version 1.0 suffers from a cross site scripting vulnerability.
50ea13302ced90d4959e0bf7d54843b0Drupal FileField Sources third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
5dfd616ce6f309203bedc1288f92fff6This exploit leverages authentication bypass vulnerabilities in the Thomson wireless VoIP cable modem. It affects the TWG850-4 model.
f9e5802065dba5e524aacc6f3ab12c10Drupal Simplenews Scheduler third party module version 6.x suffers from an arbitrary PHP code execution vulnerability.
c575d7d0e28b42f2ab59a423481edc40ClubHACK Magazine Issue 32 - Topics covered include The Compliance Storm on the Horizon, Digital Signature in Mom's Guide, Cracking WPA/WPA2, and more.
4cd56c88c870ec02935d766b51628e04WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.
8711d5fee1ad2a15d09e443d1c9ccf98Drupal Imagemenu third party module version 6.x suffers from a cross site scripting vulnerability.
0daa4a926ea3f514b4536ba15840e06aMicrocart version 1.0 Checkout suffers from multiple cross site scripting vulnerabilities.
148e5a7af66b955b6628ca08a2f63db4WordPress MF Gig Calendar plugin version 0.9.2 suffers from a cross site scripting vulnerability.
c5758507555dea12ca344ff7c343c14dThis was submitted anonymously as a Palestine wordlist for cracking purposes. It has proper names of middle eastern figures, cities, and more.
4009c342a642d5ce77e4721152b66e08Joomla version 2.5.6 suffers from multiple cross site scripting vulnerabilities.
6777c9048e3a3f3d4f17cfc9ef2e8606
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed