Red Hat Security Advisory 2012-1301-01 - JBoss Enterprise Data Services Platform extends JBoss Enterprise SOA Platform to provide services for data virtualization, federation, and integration. This roll-up patch serves as a cumulative upgrade for JBoss Enterprise Data Services Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the Teiid JDBC socket did not encrypt client login messages by default. A man-in-the-middle attacker could use this flaw to obtain login credentials and other JDBC traffic.
5dd870baa184f115de899028fb6ec2a0
Ubuntu Security Notice 1576-1 - Sebastian Krahmer discovered that DBus incorrectly handled environment variables when running with elevated privileges. A local attacker could possibly exploit this flaw with a setuid binary and gain root privileges.
cb86b09af16c3fba0f63cfb9e4776837
Apache CXF is vulnerable to SOAP Action spoofing attacks on Document Literal web services.
8b4f9d357259473c95e4ce65ade826f4
AShop version 5.3.4 suffers from a cross site scripting vulnerability.
5fb9a9edfb35052380bd77b8d6215539
Sites designed by Tariq Rauf suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
6a2d04e1dd4863c501e1e8cff174500d
Sites designed by NW7Design suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
191299ad4d6d57569f13533211e00207
Sites designed by Jessica Rhaye Design suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.
97051a474b8d074c84ddb99767779cf1
Sites created by Rocket Web Consulting suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
aba33201a3465cd1e23608fe98b235f0
Manhali version 1.8 suffers from a local file inclusion vulnerability.
bda26c1892ad3e41ee3fe469d347da23
Sites created by Olojin appear to suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
52b1c9bc9a44cef10688478078d3cbc0
Secunia Security Advisory - A vulnerability has been reported in Apache CXF, which can be exploited by malicious people to bypass certain security restrictions.
252ec31709211b8eff78087087855304
Secunia Security Advisory - A vulnerability has been reported in the PRH Search module for Drupal, which can be exploited by malicious people to conduct script insertion attacks.
cc7a202f7f9071282190ecc386454778
Sites designed by cgCraft LLC suffer from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
1fdee860d763548634899ff147d98175
Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities including code execution. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. Revision 2.0 of this advisory corrects an inadvertent omission in the original advisory, which failed to list that the fixes also address a vulnerability in Cisco Secure Desktop, described by CVE-2012-4655.
9e328cb53e5717f483862a1e9750b8ff
The administrative directory of Microcart version 1.0 suffers from a cross site scripting vulnerability.
50ea13302ced90d4959e0bf7d54843b0
Drupal FileField Sources third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
5dfd616ce6f309203bedc1288f92fff6
This exploit leverages authentication bypass vulnerabilities in the Thomson wireless VoIP cable modem. It affects the TWG850-4 model.
f9e5802065dba5e524aacc6f3ab12c10
Drupal Simplenews Scheduler third party module version 6.x suffers from an arbitrary PHP code execution vulnerability.
c575d7d0e28b42f2ab59a423481edc40
ClubHACK Magazine Issue 32 - Topics covered include The Compliance Storm on the Horizon, Digital Signature in Mom's Guide, Cracking WPA/WPA2, and more.
4cd56c88c870ec02935d766b51628e04
WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.
8711d5fee1ad2a15d09e443d1c9ccf98
Drupal Imagemenu third party module version 6.x suffers from a cross site scripting vulnerability.
0daa4a926ea3f514b4536ba15840e06a
Microcart version 1.0 Checkout suffers from multiple cross site scripting vulnerabilities.
148e5a7af66b955b6628ca08a2f63db4
WordPress MF Gig Calendar plugin version 0.9.2 suffers from a cross site scripting vulnerability.
c5758507555dea12ca344ff7c343c14d
This was submitted anonymously as a Palestine wordlist for cracking purposes. It has proper names of Middle Eastern figures, cities, and more.
4009c342a642d5ce77e4721152b66e08
Joomla version 2.5.6 suffers from multiple cross site scripting vulnerabilities.
6777c9048e3a3f3d4f17cfc9ef2e8606