what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files Date: 2013-07-20

Apache OFBiz Arbitrary UEL Function Execution

Posted Jul 20, 2013

Authored by Gregory Draperi | Site ofbiz.apache.org

Apache OFBiz versions 10.04.01 through 10.04.05, 11.04.01 thorough 11.04.02, and 12.04.01 suffer from a nest expression evaluation that allows remote users the ability to execute arbitrary UEL functions.

tags | advisory, remote, arbitrary

advisories | CVE-2013-2250

SHA-256 | a87988f73312e5bcabc2f319c28c75d1bd10eb46024a263f67c4d2162580e354

Download | Favorite | View

Apache OFBiz Cross Site Scripting

Posted Jul 20, 2013

Authored by Gregory Draperi | Site ofbiz.apache.org

Apache OFBiz versions 10.04.01 through 10.04.05, 11.04.01 thorough 11.04.02, and 12.04.01 suffer from a cross site scripting vulnerability.

tags | advisory, xss

advisories | CVE-2013-2137

SHA-256 | 26c1bb776a54ce85382e16dc08ca13d97a5a5b5d6f10425b3168cacf5d112692

Download | Favorite | View

Barracuda CudaTel 2.6.02.040 SQL Injection

Posted Jul 20, 2013

Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda CudaTel version 2.6.02.040 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | f4960083a6184c632bdada74fff018ee80fc1a0d0750bea2a416036bd6567949

Download | Favorite | View

DAVOSET 1.1.1

Posted Jul 20, 2013

Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Various updates.

tags | denial of service

SHA-256 | 87730ed90b89d93ac706e6dca7ffb508b64659fbefaf41acab470380cc9e5987

Download | Favorite | View