what you don't know can hurt you
Showing 1 - 25 of 26 RSS Feed

Files Date: 2012-10-03

XnView JLS File Decompression Heap Overflow
Posted Oct 3, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

XnView versions 1.99 and 1.99.1 suffers from a heap-based buffer overflow vulnerability. Proof of concept JLS file included.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2012-4988
MD5 | 5ccedbd692c6872fca8cb9bf45cb5f43
Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 3, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Template CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-4901, CVE-2012-4902
MD5 | 3d27a0d0531f7467b60eb96ae349f45c
phpMyBitTorrent 2.04 SQL Injection / Local File Inclusion
Posted Oct 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyBitTorrent version 2.04 suffers from insecure cache handling, remote file disclosure, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | e645edbaa7854fb3332c60b8de127efa
Drupal Commerce Extra Panes 7.x Cross Site Request Forgery
Posted Oct 3, 2012
Authored by Ivo Van Geertruyen | Site drupal.org

Drupal Commerce Extra Panes third party module version 7.x suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | d0df0f4c153ede3094a967c061ba1f44
Drupal Twitter Pull 6.x / 7.x Cross Site Scripting
Posted Oct 3, 2012
Authored by Alex Pott, Sylvain Delbosc, Tom Phethean | Site drupal.org

Drupal Twitter Pull third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | c9758619b425ab514fefa9560ba69b8f
Mandriva Linux Security Advisory 2012-157
Posted Oct 3, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-157 - A heap-based buffer overflow was found in the way OpenJPEG, an open-source JPEG 2000 codec written in C language, performed parsing of JPEG2000 image files. A remote attacker could provide a specially crafted JPEG 2000 file, which when opened in an application linked against openjpeg would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-3535
MD5 | 26f43df20606616169bb5ac30ae14129
PHPTax 0.8 Remote Code Execution
Posted Oct 3, 2012
Authored by infodox, Jean Pascal Pereira

PHPTax versions 0.8 and below remote code execution exploit. Written in Python.

tags | exploit, remote, code execution, python
MD5 | ef993f95bb32cd7e28bf82f2c9213596
Novell Sentinel Log Manager 1.2.0.2 Bypass
Posted Oct 3, 2012
Authored by Piotr Chmylkowski

Novell Sentinel Log Manager versions 1.2.0.2 and below allow unauthenticated users the ability to configure data retention policies.

tags | exploit, bypass
MD5 | 94d9915c61b6fb5e00ded37b1e6361ca
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Oct 3, 2012
Authored by b33f

NCMedia Sound Editor Pro version 7.5.1 buffer overflow exploit with SEH and DEP.

tags | exploit, overflow
MD5 | 559148d69b97bf44b89fbd9bb9717a57
Omnistar Mailer 7.2 SQL Injection / Cross Site Scripting
Posted Oct 3, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Omnistar Mailer version 7.2 suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 8204139b449aac5527cfa3a50d3e393d
WordPress Spider 1.0.1 SQL Injection / XSS
Posted Oct 3, 2012
Authored by Daniel Barragan

WordPress Spider plugin version 1.0.1 suffers from cross site scripting, HTTP parameter pollution, and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
MD5 | 5c9a70cab08eea2316d87bbc500ca78c
23rdweb Studio SQL Injection
Posted Oct 3, 2012
Authored by Net.W0lf, Hack Center Security Team

23rdweb Studio suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 88b1dae1a3861c2422fd6dedc3b3b2c3
Secunia Security Advisory 50839
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - catatonicprime has discovered a vulnerability in PowerTCP WebServer for ActiveX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, activex
MD5 | fc54dffe6b30c3b84d8b5366f2536af1
Secunia Security Advisory 50864
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | b20e506923340361e950d41969a23388
Secunia Security Advisory 50843
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 2c43bc015dbbefaa8927567ff60e11a8
Secunia Security Advisory 50850
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability, xss, python
systems | linux, ubuntu
MD5 | 067f647a3d0cd7770096c9302b5c1bd0
Secunia Security Advisory 50845
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in Perl included in Solaris, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library.

tags | advisory, web, perl
systems | solaris
MD5 | 65a044155307b1d81a914a5b1b8fda91
Secunia Security Advisory 50854
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for xdiagnose. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 5bdbd41b9bbba19a9f9f06a4a8ffbacf
Secunia Security Advisory 50851
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for devscripts. This fixes some weaknesses, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | 901a48163abedb2d63c4f439ea5ab251
Secunia Security Advisory 50860
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 34392a5c92e0a5a44230487836f096b9
Secunia Security Advisory 50813
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for freeradius2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 8250d08b0980a7a904b37d493fec8d49
Secunia Security Advisory 50826
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ProjectPier, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | b962d0e25dd6a89c953e38a338be4c15
Secunia Security Advisory 50595
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Zhao Liang has discovered a vulnerability in TurboFTP Server, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
MD5 | cfe6afddb6a6a964d4527bc2517c0e9f
Secunia Security Advisory 50811
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | 6ea461bdb596fa3fb61858f74cb77b0c
Secunia Security Advisory 48430
Posted Oct 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Francis Provencher has discovered a vulnerability in CYME, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | aa5417b7e7543ad040c31408977223ba
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close