Secunia Security Advisory - FarhadKey has discovered a vulnerability in EasyMoblog, which can be exploited by malicious people to conduct cross-site scripting attacks.
63c5516c6dd8ad79f0ed240ba737d4e7380feb7e73419979b09d66636420dddbSecunia Security Advisory - Trustix has issued an update for curl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
d6c18d5e71c446eb0b06fb1e1d49703e325fe6b04a1c7fb3dabb2b2ea08c632fSecunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).
c517fa4cc1c4e8e4ebecaf7dce20bce8e4f0c1470d966b6f2217cba30284f939Secunia Security Advisory - Debian has issued an update for kernel-source-2.6.8. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), gain escalated privileges, and bypass certain security restrictions, or by malicious people to cause a DoS, bypass certain security restrictions, and disclose certain sensitive information.
28d845006e0392fabe31832bf93965d5f23486fc8d4fee7185e4433f91543f3dSecunia Security Advisory - Gentoo has reported some vulnerabilities in the nethack / falconseye / slashem packages, which can be exploited by malicious, local users to gain escalated privileges.
973584b8dea865158d6d22d6b23ef223e3e36656bc3819c5ad322d97622bb381Secunia Security Advisory - SCO has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
056e30bd03247254785f7b1884dcf1b1146a0d35f189ec813d733219838751b9Secunia Security Advisory - FarhadKey has discovered a vulnerability in CoMoblog, which can be exploited by malicious people to conduct cross-site scripting attacks.
f2bbced2eafe647e7686c9482fd04da109fe14cb84a6ab19a96f0693fbcb08adSecunia Security Advisory - Debian has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
197c6815098cd053c864b8c78df43920d1bf9c5668fec906d06317a07b40d6b7bordersstores.com suffers from XSS in search.jsp.
6726791820184fd9fa2280b8797254349d0ad602f3934508885682ae85f411aeSeveral US Government sites, including ic3.gov and house.gov suffer from XSS vulnerabilities.
a9daa06c8ab33ad1895a01cf09bbdbcbf4a3d36ea4a4bd058ff4f832135d5f6dBomberclone versions less than 0.11.6.2 remote exploit.
de7ebf09bae8d3533c40c6d55892e6d9cc4b1781559d10601d5383d129026681Computer Terrorism (UK) :: Incident Response Centre :: Security Advisory :: CT22-03-2006 :: Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution
a358559835b66bd7f11646de7b1079018a6c6a2b80441124809359a797721011eVuln ID: EV0094 - PHP SimpleNEWS, PHP SimpleNEWS MySQL suffer from a weak authentication mechanism.
b19e0ccb3a4fc19fac1dc1984dfdb02af986d5df37585bb0ca39b1f0ff46b6faPHP Live! 3.0 suffers from XSS in status_image.php.
34e8bfbf37cc8f4b08ab9bbb61900ada026b59bdb97d451be810b4b8cc75abc3WinHKI 1.6x Archive Extraction Directory traversal: Due to an input validation error when extracting files compressed with certain formats, it is possible to have files extracted to arbitrary locations on the filesystem.
acbbfa4624f22737b64996b5e1a76b98c6f58d897fb2102c680182f1b5d35763cutenews 1.4.1 allows any user to access arbitrary files due to lack of sanitization of the "archive" parameter.
580b43b3832494e683fa4077eddfe17d7a2d38bf9778028fe8bed5571bda0330It is possible to DOS the IIS Worker Process (w3wp) due to improper reference of STA COM components in ASP.NET. POC Exploit included.
08835ab51fb255d6fe3eb1745d1e532f650748175084efc2259cda056de558dcMini-Nuke versions less than or equal to 1.8.2 suffer from multiple sql injection vulnerabilities.
e946a381b5f09a41cdb0918cee4c675e9350f2ea376baca0fd531418b2957bf0ASPPortal versions less than 3.1.1 Multiple Remote SQL Injection exploit.
70d81b25b7f53ba1155e66fe5919e491a9aa6a6d6dcd3aae4f8746a9eeddd3cdFree Articles from 99articles.com suffers from a remote command execution vulnerability.
f1e6d5fc9b9b74dd1b7f17f05ff0d4cbedc98a488e598c576347b2b78d5bafc35 Firepass 4100 SSL VPN v. 5.4.2 suffers from XSS in in my.support.php3. This allows an attacker to submit a crafted link to users of the vulnerable Web application in order to abuse their trust and steal their authentication credentials or hijack their sessions.
ff4fd9822a3a5c3918ff9217ff53b087caf92737953fcd30bb6f7094615f0e29Core Security Technologies Advisory ID: CORE-2006-0124 - Cross-Site Scripting in Verisigns haydn.exe CGI script: A cross-site scripting vulnerability found in Verisigns haydn.exe could allow an attacker to execute scripting code in the machine of a user within the user's web browser with the same trust level as that of the site hosting the haydn.exe file (this is usually a trusted site, since it is used to enroll, revoke or validate certificates).
63b5e84abe37e8304236a3e800985b05671f3353ac846c47ccff0b26cd403452PhpOutsourcing Noah's Classified 1.3 and below suffers from XSS and full path disclosure vulnerabilities.
8a6bfe7a4bb5e8bfc061e5a2925ff874677a048c44500b4382d59da47e19b848It is possible to bypass authentication in Microsoft Commerce Server pre SP2
896846e873ec1a1bb9b4e70032331be7942f1231cfd48459e53fb076624b6f45FreeBSD-SA-06:13.sendmail - A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
a91ef9dc623f5dd7661ec2d7d573f0c4dd33cb89772efd81f6e9c2126ba5f627
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed