4images versions less than or equal to 1.7 suffer from XSS.
dd4f8ced7053b1dc27882562c980eeb823918049ba52a31e0446db357b2d3041exploit for SQL injection vulnerability in confixx professional 3.1.2
0f7c30067f53156ac8c8bb9c803ece79d8a8dd95127c20da80a71200f0c0ebd9Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.
536eb93e5c4e3ddff4d1b8be7a6928eb5a041b4ed267d67b5890a1e21fa71e57Oracle Database 10gR1 suffers from a buffer overflow in VERIFY_LOG procedure (DB03) Oracle Database Server provides the DBMS_SNAPSHOT_UTL package that includes capability to manage materialized views. This package contains the public procedure VERIFY_LOG that is vulnerable to buffer overflow. By default DBMS_SNAPSHOT_UTL has EXECUTE permission to PUBLIC so any Oracle database user can exploit this vulnerability.
ea6e241657c9e065a438b5455bcab515b2160933d8125c649d1b3edd73b8d8f6It is possible to crash a Allied Telesyn AT-9724TS switch by sending it a large stream of UDP data.
50e2df1c017e8cd7389ad0d861ff537254bdfd7c99f45f613c3e628ba242e99eWWWThread RC 3 suffers from multiple SQL injection vulnerabilities.
9945ef4289547564b7bb8ca997ca31f39f47632c93b0f408b72208a9c4fe4bd1ASPSitem 1.83 and prior suffer from SQL injection in the id parameter of Haberler.asp.
5232f8c53dd3c171c97ec452b2f0da3388a1e4c96c7aae2ac88deca51b0d0400EasyGallery CMS is vulnerable to XSS in EasyGallery.php.
b80c54c57e8171cd793813ed58372da55a2e68227059fafc1e798c105b2081c4ContentBoxX CMS is vulnerable to XSS in login.php.
c7485a4adaa537a5f590f2c4858294aa2ec523db4d8854ab52b52e6bbb81ed4cFlexBB 0.5.5 function/showprofile.php remote SQL injection exploit. Grabs admin password hash.
b0945bda11f774741fe19c1158b6cd1ce09807ae39a3e239d69a09db83f317e8dForum versions less than or equal to 1.5 suffer from multiple remote file inclusion vulnerabilities.
16742458901518ce8a3be484666d89ebb8b2c21391c51b2565c764643916fde0r57shell.php suffers from XSS.
d92a6a3717ee7798169732bfeebfab45026ff281c803ef75059631335db5647aSimplog 0.93 and earlier suffer from SQL injection in preview.php, archive.php, and comments.php as well as XSS. POC included.
a817a5016933f39da266ee3357cafffc6971069ff9d80b60ec6a498306698745The MKPortal vBulletin plugin versions 1.1 RC1 and prior suffer from SQL injection in index.php.
79eb44ae1226bb2fe59c30af2c33f93656d0189a49cd7f4d08d2ff8e859b01d4My Gaming Ladder Combo System versions less than or equal to 7.0 suffer from a remote file inclusion vulnerability.
8d344e5d17ebd2ab053ec6722d22068b796074b4094c4de2dd14db9d988d4783There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
6880a1239046effd5defd553a873969d4f86cd06011c2e3d852b721791b32847RIblog suffers from SQL injection. POC included.
b37bde6ffa4540d6a62205acacb7eff62c9b79c4b495ebbfcc2e743f857b37e0Firefox 1.5.0.2 suffers from a buffer overflow which may lead to execution of arbitrary code. POC included that crashes firefox 1.5.0.2.
3bcdcf8e9858bdd514b50af3e51464c02f75764f9b25174f6b98fdc25bd86214Scry Gallery v1.1 suffers from XSS.
5927b3444ab2aa0d898c26b0ef9d345e7a28559c508e8b4b9e55d5d95279ff1fClansys versions less than or equal to 1.1 suffer from a PHP code insertion vulnerability.
29407a2b2f167f57c593bc3ae310f197012456c4a89fa12c3c9a270d54eb16baAn interesting paper on using the TOR network to anonymously collect funds with eGold.
eeed8459776111cd6c67faa53caf1900c1f39dd4bae1bbc5c9eab1f24d091519CoreNews versions less than or equal to 2.0.1 suffer from multiple remote vulnerabilities.
25de6652f5ae9f8c2ad915509e1b3624cbae55bceefc8ddcc5fbad143a0d620bThree vulnerabilities have been discovered in the Symantec Scan Engine which can lead to unauthorized access of critical data.
030a179c7996e7676ef83aab58100acfa484b11d85f5aa94d340a80dac313bcbSkulltag 0.96f and prior suffers from a format string vulnerability exploitable when a client passes a wrong version string.
62649cd57e18a1f22dddb4770c1e4efb93a0e15ae7ad93d2c1ab16515169b11cOpenTTD versions less than or equal to 0.4.7 suffers from several flaws.
a819727493428087200b3598dffc9d4dc2eb93491c611a3414bd30d2a2a7dc83
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed