Geeklog version 2.1.0 suffers from a remote command injection vulnerability.
dd75a19a45dac7527b505e0e2c726ab4phpwcms version 1.7.9 suffers from a code execution vulnerability.
16e3ec2f77b7077b3cc2a5896ccf765cCodoForum version 3.4 suffers from a cross site scripting vulnerability.
c343f7f42ac3486d45531eb4339528a1Geeklog version 2.1.0 remote command injection exploit.
aa3542990be0b9459d27525a7881aacb4images version 1.7.11 suffers from a code execution vulnerability.
77b34a4b06a756e3a6e7dd945ec7ce244images version 1.7.11 code execution proof of concept exploit.
98fa895aa5ef0365e30cd5dfc2e356ebphpwcms version 1.7.9 suffers from cross site request forgery vulnerabilities.
348abcb796f5b5e0a0d1354c79b256bf4images version 1.7.11 suffers from a path traversal vulnerability.
630af1593604a75aef660335ff8a5d56Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability.
da58d64925e42ef8d1daf114845be6c4Geeklog version 2.1.0 suffers from a cross site scripting vulnerability.
d30c61682f26fcb171ae37a62e67da834images version 1.7.11 suffers from a remote SQL injection vulnerability.
09074a1ffdb1db70a06e82f4cd73c6b64images version 1.7.12 suffers from a cross site scripting vulnerability.
7a720950e91c3779d59bc214a87fffdbCore Security Technologies Advisory - The 'application' tag in Microsoft Windows Media Center link files (.mcl extension) can include a 'run' parameter, which indicates the path of a file to be launched when opening the MCL file, or a 'url' parameter, which indicates the URL of a web page to be loaded within the Media Center's embedded web browser. A specially crafted MCL file having said 'url' parameter pointing to the MCL file itself can trick Windows Media Center into rendering the very same MCL file as a local HTML file within the Media Center's embedded web browser.
74ea83d965e529488bfa6515c1580c14Red Hat Security Advisory 2015-2589-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap. A local attacker could potentially use this flaw to execute arbitrary code on the system. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.
19cba1476d7eb01430fcb1c63abd9f4dRed Hat Security Advisory 2015-2587-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.
1cee6dd6b1125ce72c0f2594112b8390LG Nortel ADSL modems with software version 3.04L.02V.sip._LE9500.dspApp3341A2pB022f.d19e suffer from authorization flaws, information disclosure, insecure configuration, and denial of service vulnerabilities.
9d94b25d1899520ad9665450381beb67
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed