OpenSSH, when configured to use S/KEY authentication, is prone to a remoteinformation disclosure weakness.
827bc6c037cf63160a94b7ff9a14a24cb084daaa8c20cf1bd442f18e90af8314
FG-Injector is a tool that leverages the pentester's work by facilitating the exploitation of SQL Injection vulnerabilities. It includes a a powerful proxy feature for intercepting and modifying HTTP requests, a network spy module to allow the analyst view HTTP requests and their corresponding responses and an inference engine for automating SQL injection exploitation. The Inference Engine Module of the FG-Injector Framework automates the generation and injection of SQL statements needed for exploitation of a Blind SQL Injection. This module will work also for regular injections using the same method. It can produce blind injections on web/app servers using MS SQL Server, MySQL, and PostgresSql DBMSs.
74b3c38d6f2099312260d15315e3efffa0931c01dbf652273a76ad062166cd72
Phorum version 5.1.20 is susceptible to cross site scripting and SQL injection attacks.
c129314d9cc2a57cd9583bfb706c6ceb610700c5ba267b22a3034575c693cc62