SUSE Security Announcement SUSE-SA:2006:021: various security problems in Mozilla based browsers.
857b5ed50fab95079142b787cc274b3bfa52988e5f7f05515ae658bda0a46019It is possible to bypass any website that is in the "Uncategorized" Websense Category simply by adding a question mark at the end of the URL.
55611f0cd7905eaaa26e929be292f5754311b45644f74b51d8641148f109ba74ActualAnalyzer suffers from a remote file inclusion vulnerability if register_globals = On.
d7ae65095b07e73a72f7307ef4ec2e3ffe376ec82b513e546dfba79ea5074470exploit for Oracle 10g 10.2.0.2.0.
5bdd48609fbc48eaa4e5f651c41fd237a9522c5bd339aa23e7688596c66c5426A perl script to bypass the OCR Shop XTR vvlicense validation scheme.
c421e21e1e3ad1e1c704a942563a1fcee8fa3f7a4e02ebabb0989d3873c8b188CuteNews 1.4.1 suffers from XSS.
5907095f8019149d125aa50509e94635b6c059595842c80febd4cd0ce81f8ad4Remote file open flaw in Firefox 1.5.0.2: It is possible by a malicious web site to open local content in the browser by tricking a user into right-clicking and +choosing "View Image" on a broken image, which is referencing a local resource (e.g. via the file: URI handler).
e147a304405ebb3f6d93391f1d2bd171363d6a3d926e7a0a8292f58a0b83dc2dMambo / Joomla do not properly validate user-supplied input in rss.php.A remote user can supply a specially crafted URL to cause the system to display an error message that discloses the installation Path or force the script to create Tons of superfluous xml files which in some cases results in remote DOS attacks against target.
db42190082b571f33f9fecedb2b59dcaab5850e3a505040dbd582a73a95286524images versions less than or equal to 1.7 suffer from XSS.
dd4f8ced7053b1dc27882562c980eeb823918049ba52a31e0446db357b2d3041exploit for SQL injection vulnerability in confixx professional 3.1.2
0f7c30067f53156ac8c8bb9c803ece79d8a8dd95127c20da80a71200f0c0ebd9Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.
536eb93e5c4e3ddff4d1b8be7a6928eb5a041b4ed267d67b5890a1e21fa71e57Oracle Database 10gR1 suffers from a buffer overflow in VERIFY_LOG procedure (DB03) Oracle Database Server provides the DBMS_SNAPSHOT_UTL package that includes capability to manage materialized views. This package contains the public procedure VERIFY_LOG that is vulnerable to buffer overflow. By default DBMS_SNAPSHOT_UTL has EXECUTE permission to PUBLIC so any Oracle database user can exploit this vulnerability.
ea6e241657c9e065a438b5455bcab515b2160933d8125c649d1b3edd73b8d8f6It is possible to crash a Allied Telesyn AT-9724TS switch by sending it a large stream of UDP data.
50e2df1c017e8cd7389ad0d861ff537254bdfd7c99f45f613c3e628ba242e99eWWWThread RC 3 suffers from multiple SQL injection vulnerabilities.
9945ef4289547564b7bb8ca997ca31f39f47632c93b0f408b72208a9c4fe4bd1ASPSitem 1.83 and prior suffer from SQL injection in the id parameter of Haberler.asp.
5232f8c53dd3c171c97ec452b2f0da3388a1e4c96c7aae2ac88deca51b0d0400EasyGallery CMS is vulnerable to XSS in EasyGallery.php.
b80c54c57e8171cd793813ed58372da55a2e68227059fafc1e798c105b2081c4ContentBoxX CMS is vulnerable to XSS in login.php.
c7485a4adaa537a5f590f2c4858294aa2ec523db4d8854ab52b52e6bbb81ed4cFlexBB 0.5.5 function/showprofile.php remote SQL injection exploit. Grabs admin password hash.
b0945bda11f774741fe19c1158b6cd1ce09807ae39a3e239d69a09db83f317e8dForum versions less than or equal to 1.5 suffer from multiple remote file inclusion vulnerabilities.
16742458901518ce8a3be484666d89ebb8b2c21391c51b2565c764643916fde0r57shell.php suffers from XSS.
d92a6a3717ee7798169732bfeebfab45026ff281c803ef75059631335db5647aSimplog 0.93 and earlier suffer from SQL injection in preview.php, archive.php, and comments.php as well as XSS. POC included.
a817a5016933f39da266ee3357cafffc6971069ff9d80b60ec6a498306698745The MKPortal vBulletin plugin versions 1.1 RC1 and prior suffer from SQL injection in index.php.
79eb44ae1226bb2fe59c30af2c33f93656d0189a49cd7f4d08d2ff8e859b01d4My Gaming Ladder Combo System versions less than or equal to 7.0 suffer from a remote file inclusion vulnerability.
8d344e5d17ebd2ab053ec6722d22068b796074b4094c4de2dd14db9d988d4783There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
6880a1239046effd5defd553a873969d4f86cd06011c2e3d852b721791b32847RIblog suffers from SQL injection. POC included.
b37bde6ffa4540d6a62205acacb7eff62c9b79c4b495ebbfcc2e743f857b37e0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed