phpBB Auction module version 1.2m suffers from a SQL injection vulnerability.
c795fedacb95b4e3a28134fb0a24bf694c85c044f4193534fbcc7182bdd94779PMsoftware miniature HTTP server remote stack overflow exploit.
9525ff54f4bce796e7a507b8bf3f2f24b8bf70434b720199a4b7d4e40cca4562Netmailshar 4.0 (Build 15) directory traversal and user enumeration exploit.
52cbfce163e380cfe2d16daca8dcc0d9d49a78abc847d7fed42838566979d9efPHPROJEKT 4.2 Chatroom is vulnerable to Cross-Site Scripting (XSS) attacks allowing a broadcast attack to users in the chatroom.
924c24da845df4c0ceb5a3948b17ff81ec7c79bb09b72fb4da784f4f20a07a14Coppermine Photo Gallery 1.3.2 suffers from multiple SQL injection vulnerabilities.
dffcd6ac14b44ebb73b028fa0dc6fb6228b85e86bf5a48cfe1e6b89d3ae54462A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections, reduce the throughput in existing TCP connections, or consume large amounts of CPU and memory resources. This exploit affects various Cisco, AIX, and Windows versions.
c38bf63263b456c9b7c004c4c24fa3d01dfd91eac3ac084536fbdffe4d081a45DUportal 3.1.2 suffers from numerous SQL injection flaws.
8ff5cf542f2fde8de91d5e43f21fe46d56ea3cef30968cbfe7b65b49548c95a0DUportal Pro 3.4 suffers from numerous SQL injection flaws.
0ceb255a466ca99c8145750bf06caf07186f80f6b1af41055ddc26d93912196fBitchX local exploit that only works if it is setuid locally. Made for version BitchX-1.0c20cvs.
eeff5f898f93c27e4210e9dc3757a1670f06bc8cbe6499faeb33a3cf9cc43d53Local file disclosure flaw that affects both Firefox and IE6. Sample exploitation provided.
7a9d672c68d19b5548033ad4ebe63b121c36d3aebaed302b433c1118bf7650e2Gentoo Linux Security Advisory GLSA 200504-19 - Heap overflows have been found in the code handling RealMedia RTSP and Microsoft Media Services streams over TCP (MMST). Versions less than 1.0_pre6-r4 are affected.
9c210f39c70c4af2a86566d59cbc0461e1c2b3ad20eedb16521f65098d8bf10dRealNetworks RealPlayer, RealOne Player, and Helix Player all suffer from a remote heap overflow that allows for remote code execution.
f5dfc6020b55f720a8cbcc1e223a699e696def7db5ae15407dbb1fa62bf5b52fNeslo Desktop Rover suffers from a remote denial of service vulnerability.
a60e6aaf17789932c5057f3a7942283c9a1bb3e4836d0c355a8b98aa268c362aeGroupewar versions below 1.0.0.007 suffer from multiple cross site scripting and SQL injection vulnerabilities.
17b0c9fae94df3b9ba7e1a7b70639e656620493755d4ff5de56650d241cc96c8AZBB versions 1.0.07d and below suffer from arbitrary file deletion and enumeration flaws.
6306c8d12777015f47460895fa5507cfd12177435797106e750bf523bbff3697Whitepaper discussing how Linux 2.6.x vsyscalls may be used as powerful attack vectors.
b406a9c21a431bb2fc0c47ac6bb5111954aaf9f872651dfaa10e0e4884893849annuaire netref version 4.2 is susceptible to a remote command execution flaw.
e5bbb9d2b62449c51f0599f113e3cd34afe9beab0a052bd9eef867c2f7d76b01Ecommerce-Carts EcommPro versions 3 and below suffer from a SQL injection attack that allows for login bypass.
d11701c28fd50e9b869cfbe9e48729c69bbcbb9ce5292f2d6c775337082e0457Shoutbox SCRIPT versions 3.0.2 and below suffer from a remote retrieval flaw that allows for the grabbing of an administrator's MD5 hash and their username.
c842a3fc2bdd4a19441502e17c25a603e831b4a4310fbce61bf631805f0fd703UBB printthread.php is susceptible to a SQL injection attack.
926a7b3ef4e890765c8d552d4e159104eeefe7ca0c1cd19600d58bbcfcaaa017MS05-021 Exchange X-LINK2STATE exploit that makes use of a heap overflow in SvrAppendReceivedChunk function which is located in xlsasink.dll.
02975744297487606f18172eef11cfb3c711a1ccadc13c5fc69f15560aa634eeGreyMagic Security Advisory GM#015-IE - Windows Explorer fails to filter dangerous data in links used in the webview on Windows.
b0e0113b63d7852efda22daf6fc544646e9787e6e936b0d0a0ea9c9fbbfd7063Debian Security Advisory DSA 712-1 - Tim Dijkstra discovered a problem during the upgrade of geneweb, a genealogy software with web interface. The maintainer scripts automatically converted files without checking their permissions and content, which could lead to the modification of arbitrary files.
9a0eca1814872b0a7fcc4dbe92282fa4c5686c5a69ec0ae85a69f55eca060887apexec.pl suffers from a directory traversal flaw.
5b767ab2f10cf9dfd9b0e426317221a95c123387b2fcb54fe415e1ce4e2de5adGentoo Linux Security Advisory GLSA 200504-18 - New Mozilla Firefox and Mozilla Suite releases fix new security vulnerabilities, including memory disclosure and various ways of executing JavaScript code with elevated privileges. Versions less than 1.0.3 are affected.
3304fb9c0dd2ac34c28c8a52fa2aebb4d38b78bb11517ce76c83bb77926d2156
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed