WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.
ef69a02041ba8bc7a3d11e1ab65a78feVMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
51c0ba1233c2abd35c5235d9c032e743Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.
a2bf3ee08a955e3c578e218f5a1f5034Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
02daed3807333eabe033f3d33038b231Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
f3fcb34a28acf29468cfa0440ef186a6Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw for example to obtain unauthorized access to gnome-shell session right after system resume.
59185307643f0f5885125255ba9eb797Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0bc06d10d58d6d1628744d4afa4e55efMandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or login to a node which ran pbs_server or pbs_mom, could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
a56556c7c90b725b4ea6c00b201225eeMandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
6ecce3ef269061bb9d3e6e7fe8034a90Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
aefeecd1461c353a5155c7f124777a67Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
bb3dbfca22221f11ac76979755c3e0f9Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.
5e7e16f8a14624da000f3dc473762f9aBluetooth U version 1.2.0 suffers from a directory traversal vulnerability.
b9f478a15c2bec417bf76d2299464098This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands in the 'cpusername', 'cppassword' and 'cpdomain' parameters.
5346027be18c609408f729a1a14f0e25LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.
e0a75d4e00fbc57584483b2ed19c0887Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.
99b69ef2c64cc8a7cca5e67cc95ff609hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.
e6966ea245e44d2ba33e57da24e1c00cApache has announced the release of the Struts 2.3.15.3 framework which addresses multiple security issues including a broken access control.
149e0dc307b59f5d4555fb2a5efcd54eAdaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.
cc4e518fbabe9f32665fb04b3c60e57fAdmanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.
10a0e1da9187b18dd7f141c7e284365cQuick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.
45a892c6ff55acd5d90d805df8701518PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.
189b59c7369ae4ec1267ad45aac0319bDrupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
af71e7cd7a0b0a6698d1ea8fda318417AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
e1d4522e3f70b4cf9f842171fb455193HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.
69eea8c03b85cb71b78f204d9f8ca9b4
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed