Danneo CMS version 0.5.1 and below remote blind SQL injection exploit.
c7175baf1adf469cddac5569f27e69aff0b6af74237cf9302582f88cbac4391a
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of malformed cell comments. When Excel encounters a malformed record it attempts to rebuild the broken meta-data. A flaw in this rebuilding process allows the user to specify critical data offsets, eventually leading to code execution under the logged-in user's credentials.
4cf43f9561e5a5e4d745658e0eb4739ce0e1b5b461cdd5424899992f213d97b0
Technical Cyber Security Alert TA08-071A - Microsoft has released updates to address vulnerabilities that affect Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
ee9b68b8e589da2e9feeb6dfe808452853c1b4d0029f482f3583daefab97d63b
Core Security Technologies Advisory - Timbuktu Pro suffers from remote path traversal and log injection vulnerabilities.
d86243f80adb465a8eb0832d5b4b1a1dc8921c5e790c1bef0c2f4f28fc78447c
The PHP-Nuke ZClassifieds module suffers from a SQL injection vulnerability.
9895865f185a3093aaa1202b8fcd1b886a8a9d338f1151bf92faa179316bc109
Adobe LiveCycle Workflow version 6.2 suffers from a cross site scripting vulnerability.
dc548ea97b7dc5c43a82690d612495df86788f2dac77a1573042945be6cea39b
Internet Explorer 5 and 6 are vulnerable to a File Transfer Protocol (FTP) CSRF-like command injection attack, whereby an attacker could execute arbitrary commands on an unsuspecting user's authenticated or unauthenticated FTP session.
e29fa2fbfaeb4c5dca00851ee9f57bff81c9cbcfddd64aa674ee8193aead2097
An HTML injection vulnerability exists in the WebLogic administration console. Version 10.0 is susceptible.
31c7f522f189ed3bfdfb6a0997208a45558be78e9d59f1585239b571c11fe2f3
A session fixation vulnerability exists in the WebLogic administration console. Version 10.0 is susceptible.
f9b44008606d60660c826241111888eda4b9b18827b96578d1ccf098a3fbaca8
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP CIFS Server (Samba). The vulnerability could be exploited remotely to execute arbitrary code.
3bae5d2dd4db78af21f99c784c9b4a0885c6f68a20b226243b6e92f2fe7d6701
The PHP-Nuke NukeC30 module suffers from a SQL injection vulnerability.
f1db061b95dd651bc93d7c9cf7d3c4ba9722cef91867e14f82c9283a8243c1c3
The Mambo module ensenanzas suffers from a remote SQL injection vulnerability.
3bedc566f6dcce36569ac5fc138c39ffe31abc2e63b4b8688e6523b960359288
Ubuntu Security Notice 585-1 - Piotr Engelking discovered that strxfrm in Python was not correctly calculating the size of the destination buffer. This could lead to small information leaks, which might be used by attackers to gain additional knowledge about the state of a running Python script. A flaw was discovered in the Python imageop module. If a script using the module could be tricked into processing a specially crafted set of arguments, a remote attacker could execute arbitrary code, or cause the application to crash.
cd03b8dbf697c6db46fb74e77386209cce8d3588922b6212135c0cea2d1a94f7
Acronis True Image Group Server versions 1.5.19.191 and below suffer from an invalid memory access vulnerability.
75aa998d1f57b132b63aa9ca688d3bdcfa12d6c3f7e18fe7a7f6f4a7d34e3677
Acronis PXE Server versions 2.0.0.1076 and below suffer from directory traversal and null pointer vulnerabilities.
740ad7f929b39f39a90fbb427a720fc5178317b8768a759971f6e8e40ff9cb1d
The pt360 Tool Suite Pro versions 2.0.3901.0 and below suffer from a denial of service vulnerability.
b7e590b9b62f550ba014096043346e7342645b9312b64d5e9d31c5726ce976bb
Argon Client Management Services versions 1.31 and below suffer from a directory traversal vulnerability.
9f51a26f55b3d96c8a49996b404e78d1b1e6837cd13caeae9b1949a0e8bb1d86
Proof of concept exploit for Timbuktu Pro Remote Control Software version 8.6.5 and below which suffer from denial of service and limited upload directory traversal vulnerabilities.
1b703bb5f50daed26088d5d2760db4a0004f2ff14de5021571fd273efe39ceea
Timbuktu Pro Remote Control Software version 8.6.5 and below suffer from denial of service and limited upload directory traversal vulnerabilities.
67af4a853f51649b9ad69d7059221b923737841d11867268be74f562369bb639
ASG-Sentry versions 7.0.0 and below suffer from arbitrary file deletion, heap overflow, and buffer overflow vulnerabilities.
79dd377b86a5b6185e5860c5181a4aadbb9876c1bbcdd06aee057bda35a36bbf
Remote Anywhere Server and Workstation versions 8.0.668 and below suffer from a null pointer vulnerability.
a9ae2d052dcd9a08c5a505981125dd33f6f555a0da86dbcfea1f43610e73805e
Proof of concept exploit for Argon Client Management Services versions 1.31 and below which suffer from a directory traversal vulnerability. Example use of this would be tftpx SERVER ../../windows/win.ini none or tftpx SERVER ..\boot.ini none.
ea7ef03419275b65e612b8abd4b3f5ca633ceb66c93d9a70c982791f5ddd64c2
Acronis True Image Windows Agent versions 1.0.0.54 and below suffer from a null pointer vulnerability. Put ??????? in a file and nc SERVER 9876 -v -v < file.txt to test for a demonstration of the vulnerability.
4f245ee8851e646707220ec3e54cf4d1fa7be5c60a6ad563d1777aa18f5e8062
The phpBB module FileBase suffers from a remote SQL injection vulnerability.
b42b1ea69182b5054976691f826763325ee57faa951d6ca6bd6c5e45fa921ef4
Bloo versions 1.00 and below suffer from multiple SQL injection vulnerabilities.
bd9709dd66c18dcb22788826246a41ee06eb3aa1e278eed4ae0890ce6f4257b7