A-Cart suffers from SQL injection and cross site scripting vulnerabilities.
Debian Security Advisory 1390-1 - Hamid Ebadi has discovered a buffer overflow in the intT1_Env_GetCompletePath routine in t1lib, a Type 1 font rasterizer library. This flaw could allow an attacker to crash an application using the t1lib shared libraries, and potentially execute arbitrary code within such an application's security context.
w3af is a Web Application Attack and Audit Framework. The framework and the plugins are fully written in Python. Each plugin adds functionality such as cross site scripting detection or SQL injection exploitation.
Various websites including eBay, CNN, and Monster.com use a version of the advertising system Pointroll that leaves them susceptible to cross site scripting vulnerabilities.
Nth Dimension Security Advisory (NDSA20071016) - The SiteBar application has a single high risk issue with its translation module. It can be made to retrieve any file to which the web server user has read access. The SiteBar application has multiple high risk issues with its translation module. It can be made to execute arbitrary code to gain remote access as the web server user, typically nobody. The SiteBar application has multiple medium risk issues where it is vulnerable to Javascript injection within the requested URL. The SiteBar application has a single medium risk issue where it is vulnerable to malicious redirects within the requested URL. Version 3.3.8 is affected.
The Microsoft Windows binary of curl contains a vulnerable version of zlib.
The freeware version of Softwin's Bitdefender software contains a vulnerable version of zlib.
The Microsoft Windows binary GSV48W32.EXE of gsview contains a vulnerable version of zlib.
Macrovision Safedisc secdrv.sys privilege escalation exploit for use with Kartoffel. Exploits Microsoft Windows XP SP2 and 2003.
The Nortel Communication Server 1000 is susceptible to a denial of service condition when flooded with packets.
The Nortel UNIStim IP Phone signaling protocol is vulnerable to spoofed re-authentication messages.
The Nortel UNIStim IP Phone is susceptible to a remote denial of service attack when flooded.
The Nortel UNIStim IP Phone appears to suffer from a spoofing vulnerability that allows for message interception.
The UNIStim IP Softphone appears to suffer from a buffer overflow condition when flooded with data on the RTCP port.
Latest additions to the Web Hacking Incidents Database (WHID) detailing major recent incidents.
.aware electronic magazine Beta - Overground Hacking.
VISO apps are vulnerable to a local file inclusion vulnerability.
Knowledge Networking version 1.0.b suffers from a local file inclusion vulnerability.
SimplePHPBlog version 0.4.9 suffers from a cross site request forgery vulnerability.
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
Secunia Security Advisory - A vulnerability has been reported in IBM DB2, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Secunia Security Advisory - JosS has discovered a vulnerability in WWWISIS, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Some security issues with unknown impact have been reported in Support Incident Tracker.
Secunia Security Advisory - Matthijs Kooijman has reported a weakness in Bacula, which can be exploited by malicious, local users to disclose potentially sensitive information.
Secunia Security Advisory - SUSE has issued an update for IBM Java. This fixes some vulnerabilities and a security issue, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a user's system.