cPanel version 9.1.0-STABLE 93 is susceptible to cross site scripting attacks.
20c3bdf8e4b2a726db63def0c72d5806799896bda6eb6b6f619e27b3a22a4d22
GreyMagic Security Advisory GM#005-MC - Both Yahoo and Hotmail are susceptible to cross site scripting attacks.
e4ee9aa186ad94384d63d64398e181264a2f7be0a28d2b43868db54160ea73cf
Ipswitch WS_FTP server version 4.0.2.EVAL has a flaw that gives a remote attacker the ability to read any memory address. With the right address, the user can cause a buffer overflow and execute arbitrary code as SYSTEM.
3cb9ce74977358040d15ba38c7f849fd531dd829829d647e0922398a87feb947
Ipswitch WS_FTP server version 4.0.2.EVAL allows for a local attacker with program execution privileges to run anything with SYSTEM privileges. Full step-by-step exploitation given.
09db33767583c0197cf2fc533a27f68d312a5b5a994ac463fa779980c06c0d47
Ipswitch WS_FTP server version 4.0.2.EVAL allows a remote attacker to fill up the hard disk of the server via the REST command, resulting in a denial of service.
77b6d6329d32b02f40d9fcdb072ee8f5b668c3da6d3aec7a892a5c89f8a6b227
Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.
e993fa25947b8629ad5a12de268189a00ea40196ac545b8061e970e085a73b11
Ipswitch WS_FTP server version 4.0.2.EVAL allows a remote user with write access to a directory to execute arbitrary code due to a buffer overflow in WS_FTP Server's STAT command when downloading a file the user created.
b865a821c9ab141926df964d0139b73948e886598becc6fb68a6d21a43c17b94
News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
c6b957877bb54eb34a118dda9d6a1ea76f8fd56c3ed84f5494f8e2553fe802e9
Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
8843ba631656a0d022b943d1f9ed88a01141aac6cffc9a70563c08e061916c03
PHP-Nuke versions 6.x through 7.1.0 allow for link inclusions that can force an administrator to unknowingly add a superuser.
31cc6559f4c7a91a97c76521c220fd991009d04a5c2dbeddbe787fadbdf0b497
MS Analysis module version 2.0 for PHP-Nuke has full path disclosure, cross site scripting, and SQL injection vulnerabilities.
c0010912fa273ff4a30d55b15d18fc5fd19b2b54ca1007ad349039d5a371a812
xweb version 1.0 is susceptible to a directory traversal attack that allows viewing of files outside of the web root.
60b21d81251bb77af83e0f1e4ca6d1adf6571fe672b763de3f470ec726a71428
The mod_survey module versions 3.0.16-pre1 and below for Apache are susceptible to a script injection attack.
18880aeaa0e51e9fe61f172cb98d6871fcde873b32f602869732da1c35fa91e9
Invision Power Top Site List versions 1.1 and below are susceptible to a SQL injection attack.
9c7ea4878e7254176e4bcaac6f32a59ebf68c04e43e0a4b49b0efe9f6594621c
Invision Gallery version 1.0.1 fails to properly validate user-supplied input, allowing for various SQL injection attacks.
8406dd6fdc8e09171b80e6595a6cdc39e2810302ba082391f91b9ca2d80ba0a7
KisMAC is a stumbler application for Mac OS X that puts your card into monitor mode. Unlike most other applications for OS X, it is completely invisible and sends no probe requests.
0af226cedcb727ff3b4082d3963b92f690f0a2797c3889560525a80b84ad95bb
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
4304eebd70fb7e8a565fc8bb32930abb0682b274db9fca4b50f47677bf9966b6
Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
796fb4c8c37c60240344f37468a047c57c32196f1c8416159e3977c0a404b5d3
phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.
815693b4ce058c8188efae85234c700b507656011ddae5cb4beb547eb9a22005
phpBB 2.0.6d suffers from a cross site scripting vulnerability.
1253cde0d7b076a44a8d71949704b1821424924eea3d66f2ceef5e96497afdd7
xine-bugreport suffers from insecure file creation in /tmp that can lead to a symlink attack.
4fcbc54a6a9efec0d6e0816d90e344ec790ee578689ee2db652db4331f3b7d11
mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This includes proxy authentication credentials and, in certain RFC 2616 defined cases, possibly standard authentication credentials.
33e8126715a7862594819b683f4ef3dee79a08ceed7484268d1fde2303ba2210
Endeavour Mark II AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav). It allows you to create a list of scan items for frequently scanned locations and features easy virus database updating, all in a simple GUI environment.
dc9f097b7b33ffc6123308c5caffc0e5b20f5916dca866f2c6c47878f6d3cd69
fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and a few types of routers and firewalls (Cisco, Checkpoint FW-1, and Watchguard). The excellent log analysis program Analog is used to create the reports.
8ddc4c7ec16e59a27691e25fdd1f266838230ee08c3495fa289db0e7fc008e13
Apache 2.0.49 has been released to address three security vulnerabilities: a race condition that allows for a denial of service attack, a condition that allows arbitrary strings to get written to the error log, and a memory leak in mod_ssl.
666378a2dac755746ebe339e702406b4148bfa0f7e45b8cfb45a932c59ff3931