SUSE Security Announcement SUSE-SA:2006:021: various security problems in Mozilla based browsers.
857b5ed50fab95079142b787cc274b3bfa52988e5f7f05515ae658bda0a46019
It is possible to bypass Websense filtering for any website that is in the "Uncategorized" Websense category simply by adding a question mark at the end of the URL.
55611f0cd7905eaaa26e929be292f5754311b45644f74b51d8641148f109ba74
ActualAnalyzer suffers from a remote file inclusion vulnerability if register_globals = On.
d7ae65095b07e73a72f7307ef4ec2e3ffe376ec82b513e546dfba79ea5074470
Exploit for Oracle 10g 10.2.0.2.0.
5bdd48609fbc48eaa4e5f651c41fd237a9522c5bd339aa23e7688596c66c5426
A Perl script to bypass the OCR Shop XTR vvlicense validation scheme.
c421e21e1e3ad1e1c704a942563a1fcee8fa3f7a4e02ebabb0989d3873c8b188
CuteNews 1.4.1 suffers from XSS.
5907095f8019149d125aa50509e94635b6c059595842c80febd4cd0ce81f8ad4
Remote file open flaw in Firefox 1.5.0.2: A malicious web site can open local content in the browser by tricking a user into right-clicking and choosing "View Image" on a broken image that references a local resource (e.g. via the file: URI handler).
e147a304405ebb3f6d93391f1d2bd171363d6a3d926e7a0a8292f58a0b83dc2d
Mambo / Joomla do not properly validate user-supplied input in rss.php. A remote user can supply a specially crafted URL to cause the system to display an error message that discloses the installation path, or force the script to create tons of superfluous XML files, which in some cases results in remote DoS attacks against the target.
db42190082b571f33f9fecedb2b59dcaab5850e3a505040dbd582a73a9528652
4images versions less than or equal to 1.7 suffer from XSS.
dd4f8ced7053b1dc27882562c980eeb823918049ba52a31e0446db357b2d3041
Exploit for a SQL injection vulnerability in Confixx Professional 3.1.2.
0f7c30067f53156ac8c8bb9c803ece79d8a8dd95127c20da80a71200f0c0ebd9
Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.
536eb93e5c4e3ddff4d1b8be7a6928eb5a041b4ed267d67b5890a1e21fa71e57
Oracle Database 10gR1 suffers from a buffer overflow in the VERIFY_LOG procedure (DB03). Oracle Database Server provides the DBMS_SNAPSHOT_UTL package, which includes the capability to manage materialized views. This package contains the public procedure VERIFY_LOG, which is vulnerable to a buffer overflow. By default, EXECUTE permission on DBMS_SNAPSHOT_UTL is granted to PUBLIC, so any Oracle database user can exploit this vulnerability.
ea6e241657c9e065a438b5455bcab515b2160933d8125c649d1b3edd73b8d8f6
It is possible to crash an Allied Telesyn AT-9724TS switch by sending it a large stream of UDP data.
50e2df1c017e8cd7389ad0d861ff537254bdfd7c99f45f613c3e628ba242e99e
WWWThread RC 3 suffers from multiple SQL injection vulnerabilities.
9945ef4289547564b7bb8ca997ca31f39f47632c93b0f408b72208a9c4fe4bd1
ASPSitem 1.83 and prior suffer from SQL injection in the id parameter of Haberler.asp.
5232f8c53dd3c171c97ec452b2f0da3388a1e4c96c7aae2ac88deca51b0d0400
EasyGallery CMS is vulnerable to XSS in EasyGallery.php.
b80c54c57e8171cd793813ed58372da55a2e68227059fafc1e798c105b2081c4
ContentBoxX CMS is vulnerable to XSS in login.php.
c7485a4adaa537a5f590f2c4858294aa2ec523db4d8854ab52b52e6bbb81ed4c
FlexBB 0.5.5 function/showprofile.php remote SQL injection exploit. Grabs admin password hash.
b0945bda11f774741fe19c1158b6cd1ce09807ae39a3e239d69a09db83f317e8
dForum versions less than or equal to 1.5 suffer from multiple remote file inclusion vulnerabilities.
16742458901518ce8a3be484666d89ebb8b2c21391c51b2565c764643916fde0
r57shell.php suffers from XSS.
d92a6a3717ee7798169732bfeebfab45026ff281c803ef75059631335db5647a
Simplog 0.93 and earlier suffer from SQL injection in preview.php, archive.php, and comments.php as well as XSS. POC included.
a817a5016933f39da266ee3357cafffc6971069ff9d80b60ec6a498306698745
The MKPortal vBulletin plugin versions 1.1 RC1 and prior suffer from SQL injection in index.php.
79eb44ae1226bb2fe59c30af2c33f93656d0189a49cd7f4d08d2ff8e859b01d4
My Gaming Ladder Combo System versions less than or equal to 7.0 suffer from a remote file inclusion vulnerability.
8d344e5d17ebd2ab053ec6722d22068b796074b4094c4de2dd14db9d988d4783
There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
6880a1239046effd5defd553a873969d4f86cd06011c2e3d852b721791b32847
RIblog suffers from SQL injection. POC included.
b37bde6ffa4540d6a62205acacb7eff62c9b79c4b495ebbfcc2e743f857b37e0