Netkamp Emlak Scripti is susceptible to a SQL injection vulnerability.
89b14bb41b6db98788e40f03d8fc3047cb99245f794eb3fa30c9bc6b2b7db1bfOhesa Emlak Portal is susceptible to a SQL injection vulnerability.
a3f8a7412f9eb1c696cf443bddce0e3b995c95732615ddf57512fd11f0343788Ubuntu Security Notice 522-1 - It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service.
07593e231df1e5dc0f594139f370e808bd38529d8959b1b5b701f3d15f5be2e0Debian Security Advisory 1378-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
0605e3e63d0b2b1a9ed33c2af397d4bac98e7c643acc8edde998a2b4b02aa190This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and sends it to a logging server by creating an hidden iframe into G-Mail's page.
20de0e897ec70cae2d19020dbc28f0afb395ff11a21cf566e2d898f6373105e1This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and prompts it into an alert box.
d1666deab432edbc9e59a484712e616f3e4b12ccc20689e06d1d5c0bc471f7eaTor versions below 0.1.2.16 ControlPort remote rewrite exploit.
60b86debafefb6d4092a83ca2af33ae8129a47368aa7ce9d92ec93a733810284mxBB module mx_glance version 2.3.3 suffers from a remote file inclusion vulnerability.
2452ced34c50af4690d62b6fe58791ab3b0d2ded240e907461225e7342a0a5daMambo component Mambads versions 1.5 and below suffer from a remote SQL injection vulnerability.
bc2e66c74f97bc49fce32b0cc68da588ed69741137f1b8c385c35065f452beb1MDPro version 1.0.76 remote SQL injection exploit.
64eaf5d131bd08a7e3e3c5b3b5c444e628ed3dcb7fa505197104b5c034e53233Zomplog versions 3.8.1 and below suffer form an arbitrary file upload vulnerability.
51229d2b0d699b76e2f2d85f2160f5d3f9583f5d8bec1e486329a2849f66fd41Public Media Manager versions 1.3 and below suffer from a remote file inclusion vulnerability.
73c24490fa872998ce87aa181b956bc916cdd6b48ba86c301e654ff1fd49ae10PhFiTo version 1.3.0 suffers from a remote file inclusion vulnerability.
6f201de717e60b3590a98f42735faca4702aa76c08b947c8b723f015079fc7aeNmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.
1a67ab5aaf2d8f6c3040cead6ca0ae4fd6fe5fee712ed7f7bd4f06ca75842110Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.
282e85a63e64b85c7cc421aee20e564b2296562cd10fd53bc8702125c618ef7fUbuntu Security Notice 521-1 - Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user.
fedcc331c95208511c21b229acf97430edf70aba3923ab9b666e62fad87f864eA vulnerability results from the Net::HTTPS library from Ruby versions 1.8.5 and 1.8.6 failing to validate the name on the SSL certificate against the DNS name requested by the user. By not validating the name, the library allows an attacker to present a cryptographically valid certificate with an invalid CN.
30fcafc5523a3be23deee577529d910574c4482ca24286ec62b4815b2b3dcf84
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed