Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing.
7c31ccd75cb9932150f699975f11f7750c13f8b6593db9c41b293d4408ce8474
Multiple vulnerabilities have been found in Windows 2000. When Internet Explorer tries to instantiate the ciodm.dll, MyInfo.dll, msdxm.ocx, or Creator.dll (Media Player 9) COM objects as ActiveX controls, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
e8aa42a275938fe5a35441d65b4915a46b5fbbe27f869633e987407a8ac180e5
DotClear version 1.2.5 is susceptible to cross site scripting attacks.
f20e1734db1bdd3604013e7d56b07a77438a24b52501927c077bd5c2cc977e45
Diesel Pay is susceptible to cross site scripting attacks.
b7407b21d7bd5683757e664e6c9163f44a804ca971cbde7b70a90c8fde968cd6
Smart Traffic is susceptible to a remote file inclusion vulnerability.
f8b45b00e3561b33fe9c9ce52e55271d35111bf84f52ebc164377ae84508b7d0
Diesel Paid Mail is susceptible to a cross site scripting attack in getad.php.
6601a0fe42472036f6b0491595b63b536a165c3f23111dfb0a6d76828ed33691
Diesel Job Site is susceptible to cross site scripting attacks.
7753fc79384d7613037402d8d86a6e6bb6962f70d0708d8227ee3603a9fd0bba
Debian Security Advisory 1154-1 - James Bercegay of GulfTech Security Research discovered a vulnerability in SquirrelMail where an authenticated user could overwrite random variables in the compose script. This might be exploited to read or write the preferences or attachment files of other users.
bdccc0ff91a61b9bd0be657183bf5d5b828194ad13e8a93cc52faa046b23d511
LBlog suffers from a SQL injection vulnerability in comments.asp.
f903392e224272f2ea432add9c9ca37584c021e229f34652e356ee781f9ac697
Proof of concept exploit for the mod_rewrite vulnerability in Apache that makes use of an off-by-one overflow in the handling of LDAP requests.
47f17f2bae7bce7af834754bc7cd0e1bc951414c01f5d33309f9e31e99e9e771
SimpleBlog versions 2.0 and below suffer from a SQL injection vulnerability in comments.asp.
fec508b64062de0786daaa779eff8a0bdf033c20a60c80d715540a4c3efc0950
The Eichhorn Portal is susceptible to multiple SQL injection and cross site scripting flaws.
43a1d2b3b41b9e48d9d875a9c45f9678a22ff39a1be0118d1a793b2c22d0721d
ToendaCMS versions 1.0.3 and below suffer from a remote file inclusion flaw.
c32af9e89d6947672bc7fdb14eadf7e265cc702d07ca508960b64413a4052021
The Estate Agent Mambo component suffers from a remote file inclusion vulnerability.
0ed0b22a6e5ae62748be7ecd4c32994e13a83deda729ef860a29666037f9f681
The ContXTD Mambo component suffers from a remote file inclusion vulnerability.
e638a5e03c89cdf898280c577899e0b7cda426ec7b972ddf336634f55d5c6211
The MOSBot Manager suffers from a remote file inclusion vulnerability.
619eb81f3301ab36b657d1188e9ae78b548fb803e8068a64f18a5c15bacb1b57
The 2wire Gateway User Interface suffers from a denial of service condition.
4fe7414d3559dc9c5dbeaf12016431522c1296b8ef224dab79370ead035f839d
Mambo com_cropimage version 1.0 suffers from a remote file inclusion vulnerability.
49f460a39763d9495a896c146929cde47cc60d0ce79a9b8db4d35f95ee518d81
Mambo CatalogShop suffers from a remote file inclusion vulnerability.
3709b233ecc6f3ec546ed805bab7e0da388df7fe8e903fce2a4c9305a4b091e4
PBSite versions B1 C45.1 and below suffer from a remote file inclusion vulnerability.
e39a15a826a27b680836ff5c54c9d4e6bab35fc98d9b083c617b093cf1971084
L-Forum versions 2.4.0 and below suffer from a remote file inclusion vulnerability.
37ca01cfd06c8230e14db5dcb96bf8eb49fe8fed52db1c2779c35a4588c8b60a
Spaw Editor versions 1.6 and 1.7 suffer from a remote file inclusion vulnerability.
7592a6a1892d22aeb4cf799cbfdd9846fe55ae537678b34ba99521c3c2ab5a1f
RealVNC 4.1.2 appears susceptible to a denial of service condition due to an integer overflow.
a2e6dbe9ebc4d4753bde410e5bb88160a8c0a2f9a76a492d6904d457c1d77623
Ako Comments suffers from a remote file inclusion vulnerability.
2497f52aba4b9e6f4ad669f137d110345db2352a684224f01bcb568161651249
XennoBB versions 2.1.1 and below suffer from a SQL injection vulnerability.
51b54e560af19138280b7fb48770a962a33302494575fb1a5e5858792e8d825d