maintain-3.0.0-RC2 suffers from remote file inclusion in example6.php.
4bb51629aefcb73aaa6c17c6470cb351979e556055669955203c55f3dd2cc0c6Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2: This advisory covers six security issues that have recently been fixed in the Bugzilla code.
4fee028c5a9a72d7c9ac4452a531f1b39e9680e9bba27265fc3a24d0fa91ecf0PHP Forge 3b2 suffers from a remote file inclusion vulnerability in inc.php.
ccdf758804c073ef26ea4456845129299445bdbe187e80e5f9b476b1a83c2f69patchlodel-0.7.3 suffers from a remote file inclusion vulnerability in calcul-page.php.
453d857f333311cd436170375a141a6ac60d8d9875a4ea3dfe1f8999f97ff0e0kmail 1.9.1 table/frameset DOS proof of concept.
667d336a0c82cde8a65570b60b3fb5af3cdfd0c23f4d0d6a7ba48819800ca3ecDeatils on spoofing the security dialog in Windows object packager.
7acc740ea36cdfd85ab1eb307e3a6424c784a540e5b69f7d48f55824ad0b6912Jinzora 2.6 and prior suffer from a remote file inclusion vulnerability in mt.php.
8e4ef0fbbda7a1356a0d1656fb8d5c31c3dfa3b17ec3569a91d5396accb89967EXlor 1.0 suffers from a remote file inclusion vulnerability in /fonctions/template.php
cd7d51d31ef0b5b84acc3d7f854532330ea35dc488499d5bf2e01710d9d4fb5aA small C program that can brute force gadu-gadu accounts starting from a given number and using a hardcoded list of passwords.
048dcc6171b1c08f6132e372e9ac410d6b68d1e47402d1a2901c9bb8bf5528e7Armorize-ADV-2006-0005 discloses multiple cross-site scripting vulnerabilities that are found in Gcontact, which is a Web based address book written in Ajax/PHP offering multi-user, multi-contacts (email,phone,icq,msn,...) & multi-address for each person, birthday reminder by email, mailing-list management, Excel export, etc.
8c00d8f70c2d466f2cb4980a4297d1bfbf34ffdf2e3ffa80be27b73a2ed5292fArmorize-ADV-2006-0003 discloses multiple cross-site scripting vulnerabilities that are found in Zen Cart, which is a PHP +e-commerce shopping program and is Built on a foundation of OScommerce GPL code. It provides an easy-to-setup and run +online store.
b5df486f27e52a1b4f91bc2b83b947e59cfddb83cebec8fca490934c31eed8aaArmorize-ADV-2006-0003 discloses multiple cross-site scripting vulnerabilities that are found in Zen Cart, which is a PHP e-commerce shopping program and is Built on a foundation of OScommerce GPL code. It provides an easy-to-setup and run online store.
b5df486f27e52a1b4f91bc2b83b947e59cfddb83cebec8fca490934c31eed8aa@lex Guestbook suffers from a remote file inclusion vulnerability in Mxconf.php.
ad345d07ac7c46a388bf07bc6ddeba5d4c6c366e729c56871766c33812205753osTicket suffers from a remote file inclusion vulnerability in open_form.php.
1b18ab69688c4a3afdb93a47e347dffb7665bab00ce344e2be69bd2653e3ef5aPOC for a possible integer overflow bug in konqueror 3.5-latest.
00263bb5a228545e88b8e05dee01534319248a7271970aec28977e1612e8fbe9Symantec Vulnerability Research SYMSA-2006-010: The web server under IronWebMail employs a simple macro language for evaluating pathname references. A loss of confidentiality occurs as a result of faulty pathname evaluation, causing unauthenticated access violation.
70d347b30c2f24ca5298b306b53bddf54e9c34e14f16894f24b825724792f064raptor_libnspr - Solaris 10 libnspr oldschool local root exploit. Exploits the design error vulnerability in NSPR.
4534f08fb4e5ebcc7329d2d59c1fbdfb5145398877594c9b4e82b067b081c76biDefense Security Advisory 10.13.06 - Remote exploitation of a format string vulnerability in the mod_tcl module for the Apache httpd v2.x could allow attackers to execute arbitrary code in the context of the httpd.
aa822f011982ff0d3ccb3b5cfacc8f0a60f500d6df8113792a7954839f072cfcThe second Internet Security Operations and Intelligence (ISOI) DA workshop will take place on the 25th and 26th of January, 2007. It will be hosted by the Microsoft Corporation, in Redmond WA. An after-party dinner will be hosted by Trendmicro. The call for papers is now open to the public. The main subject of interest is vulnerabilities and 0day exploits used in the wild. Secondary subjects are DDoS, phishing and general botnet subjects.
669e54de218bb16532988610c786ca340672bcaae385d66f0953e184c3db008eOpen Conference Systems 1.1.3 and prior suffer from a remote file inclusion vulnerability in theme.inc.php and footer.inc.php.
b134a8d617c8ccafcb8f467e5e15bc5172d2d1df2170e45acd32681f9cf23057Input passed to the "torrent" field of a GET Request is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an users browser session in context of an affected site if a user clicks on a malicious link.
6a6b34ce2afcfa0432decb731a485ffde68dda4a0bce0e1f03541dbea8424bcdWyd is a tool for password profiling. The general idea is to personalize or profile the available data about a "target" person or system and generate a wordlist of possible passwords/passphrases out of available information. Instead of just using the command 'strings' to extract all the printable characters out of all type of files, we wanted to eliminate as much false-positives as possible. The goal was to exclude as much "unusable" data as possible to get an effective list of possible passwords/passphrases. It is very effective to get reasonable passwords from websites or filesystems.
3581d74785a5071ea404d0bbe59de4768ac89952f157729de10a21ab0abb2277POC for a memory corruption vulnerability in the "drmstor.dll" library which is part of the DRM (Digital Rights Management) software supplied with MS Windows.
2cbde388cbdb99ce63dfa813a707d4b197d88ee064f57afa7715e9847ad592eaWlandecrypter is a password generator for certain ADSL WIFI routers provided by Telefonica of Spain. Essid named WLAN_XX when XX are two hexadecimal digits.
43dc4ccd6f02b5fb1594641aa245b1db35ea43464e0a053cdecba88c1b4fe23bAirflood is a modification of aireplay that allows for a DOS in in the AP. This program fills the table of clients of the AP with random MACs doing impossible new connections. Useful external "MAC filter" function can allow only the "attacker" to connect to the AP
1206f824aaaaadcd2ba79d79f61bdfc0456a2aa4ee4834a27e36f30aa01f1424
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed