TorrentFlux version 2.2 suffers from arbitrary file creation/deletion/overwrite as well as a command execution vulnerability.
5e9b1feeb64e4868fc0e0c12fdfe8661b4b35e3c0e503ba2625406fba125de59phpPeanuts version 1.3 Beta suffers from a remote file inclusion vulnerability in Inspect.php.
01864069990a9337d7b56ace3c652614e0336efd0e2f1ef382c2f8d8296afd19Aigaion versions 1.2.1 and below suffer from a remote file inclusion vulnerability.
2b8572e392b09291d6dde65319c43ec497b8504af9cf327b6b938e2f42fbaf3aRemote denial of service exploit for UniversalFTP version 1.0.50.
a98de21b65503de4856c18c52473f66274b0a8b986e24c23eea62b7a846df7e7WinZIP versions 10.0.7245 and below FileView ActiveX control stack overflow proof of concept exploit.
45e7ef5aa4bed66d4ed69bb7ffcbf9d14a655fc54a25b33506fdc4372ff0f652Debian Security Advisory 1211-1 - It was discovered that malformed TCP packets may lead to denial of service and possibly the execution of arbitrary code if the PowerDNS nameserver acts as a recursive nameserver.
90b63c78ab3362eb056147d89cf57fd09b2272a89ff5370b95439e8d92a22c61Helm version 3.2.10 suffers from multiple cross site scripting flaws.
e8eb8131141bd7a4f252673308db055ba43ee8f734caa1f1929cdf2b47177e10Technical Cyber Security Alert TA06-318A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, and Adobe Flash. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
951c76926138803cae0e90c90c10bd566f549711e3d83f3d682cdbf1c715604dA flaw exists in a default Windows component called the "Workstation Service" that when exploited allows for remote code execution in SYSTEM context, allowing an attacker to take complete control of affected systems. Systems affected include Windows 2000 (Remote Code Execution), Windows XP SP1 (Local Privilege Escalation).
367cc68f34ddc938cf2dcc518afe55cf78d89fa4e11fb54f7de27032d7c6cf8eE-Calendar Pro version 3.0 suffers from login bypass and SQL injection vulnerabilities.
b6dcb793991aa3bce98f1db3530abd21fa566c0d4b3a490ff672dad9b0d03cd6MultiCalendars suffers from SQL injection vulnerabilities.
b2f23750f6a54c36ba12ec009c3e157fe1aebd8a81123578e14f0ac59d773329Dragon Events Listing suffers from login bypass and SQL injection vulnerabilities.
3dde952ee76fd73b179a30dceda5c374f34a7df0dede9e4fa945100016693346A+ Store E-Commerce suffers from SQL injection and cross site scripting vulnerabilities.
fe8fcd38c0792ddf93afc0266b0f5324b1c6b8d80a53ed650aa9c38653b97b4bEvolve Merchant suffers from a SQL injection vulnerability.
f500afea98878d6e0fd724a3c8732c37c6351dec9f6cde747432068841186471A-Cart Pro suffers from a SQL injection vulnerability.
2b0ad31b786c3e3213c2862150bc5276a9ce13ec5810d2ec231f3cda6ac92005A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper parsing of HTML CSS 'float' properties. By ordering specially crafted 'div' tags in a web page, memory corruption can occur leading to remote code execution. Internet Explorer version 6 is affected.
1669130cd4af4fc99047e9c1f559840afa5aac45427643454da5dc6c0dfaf18dThe hpecs shopping cart suffers from login bypass and SQL injection vulnerabilities.
8b5729d4e7c1e931c405874f81aacc72d5784a728f835e80612727073d512bb8A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected is WinZip 10.0 (pre build 7245).
06c0a0311eb69db540002126c6af3e38d1298b9ce5ad646d96ccc8903102a2a0Hardened PHP Project Security Advisory - Dotdeb PHP versions below 5.2.0 revision 3 suffer from an email header injection vulnerability.
7aba22abbcde28fff1cae212fbfcccf3a83a9218f5ce24a5357f7b683d45e2bdBlogme version 3 suffers from SQL injection and cross site scripting vulnerabilities.
8e8da300bb73abc58c114f26fa43fb27299e9706ea2388a4d7034d70ab5c8af0FunkyASP Glossary version 1.0 suffers from a SQL injection vulnerability.
236240f630c21c3ff5908c6c26a5c498199aa814b92c6ff4d6024d7f7bffa236Property Site Manager suffers from SQL injection, login bypass, and cross site scripting vulnerabilities.
485410e46cebe8360f83f03cbe4a86562c302b57d6a9106ea20483442d3f62a6Car Site Manager suffers from SQL injection and cross site scripting vulnerabilities.
053b251f3faeb32983435606f63d4035dc0257567b26a5796db1dbe2c9d8b0baInventory Manager suffers from SQL injection and cross site scripting vulnerabilities.
3115c8d473025b6078a4ac37ba8d3f23f38a6e582380252c06fec49673bffe7eSecunia Security Advisory - Filipe Balestra and Rodrigo Rubira Branco have reported a vulnerability in FreeBSD, which can be exploited by malicious, local users to disclose potentially sensitive information.
ff5c58c4ac6bc65c4405a8b90330a865a07fba16a2f3914dbc9b805a0a6821ae
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed