Publish-It is prone to a (client side) security vulnerability when processing .PUI files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of Publish-It to open a specially crafted .PUI file. Version 3.6d is affected.
4f00b02a79e23f09d447c39b8a1b5c407205e7628691b494b32c0036916b057dDrupal Services third party module version 7.x suffers from an access bypass vulnerability.
4fb10e61a2d487a3573e3b6b42b5848a9bd8f799a3e443482e02b6ec522f95e4Gentoo Linux Security Advisory 201402-7 - A vulnerability in Freeciv may allow a remote attacker to execute arbitrary code. Versions less than 2.2.1 are affected.
deb446e7df508f0088a1b6546d796ef9ec44ab24fa5ac603705d4d7e43ac9102Gentoo Linux Security Advisory 201402-6 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in execution of arbitrary code. Versions less than 11.2.202.336 are affected.
1857ba9319d23c219f2f844dd8bd46236f81d1d7172b1abc562681cf00028b10Debian Linux Security Advisory 2853-1 - Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-crafted one of those variables allowing her to load and execute code.
0d04b90771e0f3ac7ebe670486cf9a41d92e4aee95c54d516f3e78cb2a963e1dPHP Webcam Video Conference suffers from cross site scripting and local file inclusion vulnerabilities.
6dbb4690a7866582b4dbf14d142b8f50d616645e0ddc295e1cf9e240e573cee1ownCloud version 6.0.0a suffers from file deletion, cross site request forgery, and cross site scripting vulnerabilities. It has also been reported that the same cross site scripting issue also affects Pydio version 5.20.
0fb9c931db1a45e7410c265273eefb3fe38de107452c5df50cfa8b1d1f8f8615AuraCMS version 2.3 suffers from a remote SQL injection vulnerability.
4e166ce3a14e946f7ee3b42af71bab9d187e588ff420f5131e6f16df03747258This is a whitepaper discussing the discovery of RPC vulnerabilities. Written in Turkish.
513fdf6e6be7dba449a50a572bb38d5581417c51cdf7bbfefd1d2f33568e1df0File Explorer (FX) for Android suffers from a path traversal vulnerability. version 2.3.0.10 is affected.
75beb06492c1bfac918f41afcd575cbf682aab74a42496ff864096601db8e3daDigital Whisper Electronic Magazine issue 49. Written in Hebrew.
1b26f6305d35a5e2ae7952c3fac5767a5c40bfdfdeeacc3fcc076f47d04c0c64doorGets CMS version 5.2 suffers from a remote SQL injection vulnerability.
579d78f78ded641a6672902cced917a242ce59baf8bd26abab4b04fe053a7173WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.
53f72777b31a175c81581ddf757c270a2c63f76854484c5076d1ade7558718f0Singapore versions 0.9.9b and 0.9.10 suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.
14c1ea7dea2d02e9bfe1aa3f308f17e0e46fd359601b48cca7289d3d9bc0c1a2Singapore versions 0.9.9b and 0.9.10 suffer from a remote file inclusion vulnerability. Note that this finding houses site-specific data.
1228b3b3edf0aee95ae5fb8d451f137c41f0c673288037f2f34ca4fdb4304914VLC Media Player version 2.1.2 denial of service proof of concept integer division by zero exploit.
e8080f60a26416fb2e3fb8b700578598d70d8d39ad0a3beed77c793a95aaa73cPlogger version 1.0 RC1 suffers from cross site request forgery and cross site scripting vulnerabilities.
a49eead59fd5705116cc4d80c09aee540f3a2f568159cf534b30887330db8dfaWhitepaper that discusses viruses that make use of COM interfaces to implement their functionality and how to reverse the binaries.
6bd84f361d4b7a3a4d92217238917f08e6f6a2c74e8d9597f60630d686bbaf8ciNET Business Hub suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
25209707f9ad4f0be972a7364bb0b33452e8dc208447254b5f94bb048379e372
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed