Wizz Forum is susceptible to multiple SQL injection attacks. Exploit provided.
892dd79222d9cd846ba10ecb938506a65059ffc81e6c80a8a0a09134ee751b69Midicart is susceptible to a SQL injection attack in search_list.asp.
8283bf34eaa3cb519c16ce50c1dd3428e9119c6f871a60491507a21dc17a761dGAO Report - Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed.
a43c4a0ab9f407a8ca42196df289cf0094dd757c4da3b6459b1c1290efe128171-2-All Broadcast email software is susceptible to SQL injection attacks.
31ca02b5f82ace90ba5a6bb890159183fd8c5afc0eae186ef195ca4ad2d61ed0phpWebThings version 1.4.4 is susceptible to SQL injection attacks in download.php.
acddaf6e32dab9902b44b291240cac0d2abd8c645b5d0d0d1ff513130abb2920Secunia Security Advisory - vade79 has reported a vulnerability in Lynx, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to unspecified configuration and input validation errors in the handling of certain URI handlers which execute local programs. This can be exploited to execute arbitrary commands via the lynxcgi, lynxexec, and lynxprog URI handlers. The vulnerability has been reported in version 2.8.5. Other versions may also be affected.
53fc76f9fd86f1808dcd3419082d7d602875e11a8a5bc9a58e4257f915884691Secunia Security Advisory - A vulnerability has been reported in Horde, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed certain unspecified parameters is not properly sanitised before being returned to the user in error messages. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability has been reported in versions prior to 2.2.9.
fabb4f3194302c541de81bba6933c668aec9d953712eb5273e588e42b397da39Secunia Security Advisory - Gentoo has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions. For more information: SA16971 SA17371
8e8ac3c37b723170e3047425d01e55ab2f2739a0e6c1c288f1a82071d7a79bb6Secunia Security Advisory - Aliet Santiesteban Sifontes has reported a vulnerability in Mailman, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to Scrubber.py failing to handle the exception condition when Python fails to process an email file attachment that contains utf8 characters in its filename. This can potentially be exploited to cause the mailing list to stop working via a specially crafted email. The vulnerability has been reported in version 2.1.5. Other versions may also be affected.
a8bd20a61182b923ca51752cdd1bd614c100dadda4c7a735c1efc94921bbf691Secunia Security Advisory - Gentoo has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA17372
01f87276d9955f321cc7da31e772889dfe9a846a4121a4e8767190017c33ebf7Secunia Security Advisory - Gentoo has issued an update for rar. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA16973
e58df71d7492577a6fe6ff13485eb4701cd3c5e77a64de72808eb4accc1f3573Secunia Security Advisory - Gentoo has issued an update for ftpd. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA17465
7a14eb2f5541bc3b5fc0c39410d3862bb9f22d437091955bb64d714f3ca7d300Secunia Security Advisory - r0t has reported a vulnerability in Peel, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the rubid parameter in index.php isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability has been reported in versions 2.6 and 2.7. Other versions may also be affected.
cafd0bde1e49063cbadf6845b79ae226c4bd1c8e492211c79bbac04b07149a35Secunia Security Advisory - Robin Verton has discovered a vulnerability in various CodeGrrl products, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the siteurl parameter in protection.php isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources. Successful exploitation requires that register_globals is enabled. The vulnerability has been confirmed in PHPCalendar 1.0, PHPClique 1.0, PHPCurrently 2.0, PHPFanBase 2.1, and PHPQuotes 1.0. Other versions may also be affected.
65a7e3f63bc08b5c810e789e6ad17662249788d47ca83dbd5c890803e1f1029cSecunia Security Advisory - Mandriva has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA17372
62cb12d43383e2bf0255238e180f1b9536d2e22f775cd0bf61e8493c40321804Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to errors in the processing of IKEv1 Phase 1 protocol exchange messages. This can be exploited to cause a DoS. The vulnerability has been reported in the following products. * Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T * Cisco PIX Firewall versions up to but not including 6.3(5) * Cisco PIX Firewall/ASA versions up to but not including 7.0.1.4 * Cisco Firewall Services Module (FWSM) versions up to but not including 2.3(3) * Cisco VPN 3000 Series Concentrators versions up to but not including 4.1(7)H and 4.7(2)B * Cisco MDS Series SanOS versions up to but not including 2.1(2) Note: For Cisco IOS, only images that contain the Crypto Feature Set are vulnerable.
ae9f1a36323689ac2e6e097e7e38f6e0c581a13a70ebfe959b2202d9b94d80fdSecunia Security Advisory - Red Hat has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA17372
2ac0f307e523c1f24f6d8e99db68c7b9762ed26723c074ee29f7dc23da690cc0Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service) and potentially to compromise a vulnerable or a user's system. For more information: SA17436 SA17220 SA17184 SA17434 SA15746
f283b16a0365d82fcb03a88b77ffe924bf4a9dcf880c8b6aeaa926eeb84ea731Secunia Security Advisory - r0t has reported a vulnerability in iCMS, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the page parameter in index.php isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources.
633e51ca2882a4b17da3a0992e38ecbd869cb1c896a43272bc9f212594182314Secunia Security Advisory - StoneSoft has acknowledged a vulnerability in StoneGate Firewall and VPN, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA17553 The vulnerability has been reported in the following versions: * StoneGate Firewall and VPN engine versions 2.6.0 and prior. * StoneGate VPN Client versions 2.6.0 and prior.
56ad0b6ddfc808d9af695a28acec511fe3ea4cd9698b8e330a70d2d77193f5f9Secunia Security Advisory - Secgo has acknowledged a vulnerability in Secgo Crypto IP Gateway/Client, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. For more information: SA17553 The vulnerability has been reported in the following products: * Crypto IP gateway/client 2.3 (all 2.3 versions) * Crypto IP gateway/client 3.0.0 - 3.0.82 * Crypto IP client 3.1 (all 3.1 versions) * Crypto IP gateway/client 3.2.0 - 3.2.26 Older software versions Crypto IP 3.0.84 and 3.2.28 are not vulnerable.
5c6244572a3265f7b099869243a4d738937a016e9dbb49c69a62ec64c46277f2Secunia Security Advisory - A vulnerability has been reported in JUNOS and JUNOSe, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA17553 The vulnerability has been reported in all Juniper Networks M/T/J/E-series routers running JUNOS or JUNOSe.
7db6678f47edd881dc85eb1a61081f36b51d8d727c8e4c48a7dbda82eb258b72
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed