CodeDB suffers from a local file inclusion vulnerability in list.php.
c04949091346c9a4ffa04eb1577065a9Scripteen Free Image Hosting Script version 1.2 administrative password grabbing exploit.
0a039166792ec92a6cd0054193523e70ITechBids version 7.0 Gold suffers from cross site scripting and SQL injection vulnerabilities.
47f73ac26246ad8afc0b2787ce728a2ePluck version 4.5.1 suffers from a local file inclusion vulnerability.
594c48dfd8433f96b3939aba67ad57f2The Call For Papers for DeepSec IDSC 2008 ends tomorrow. Get your submission in today!
77417a9f5ef7bd6ea11c50505a04f22aFreeBSD Security Advisory - The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
68270ba16f4122fec61835a8a609ce74Avlc Forum suffers from a remote SQL injection vulnerability in vlc_forum.php.
26ac2aa382340a458cf6a4e4e3a8c0acMFORUM version 0.1a suffers from an arbitrary add administrator vulnerability.
5060542df96d795580c5e08468080827jSite version 1.0 OE suffers from SQL injection and local file inclusion vulnerabilities.
200e1f73b7af96b86b649c16fc2c7b87Fuzzylime CMS version 3.01 remote code execution exploit that leverages commrss.php. Written in PHP.
f6d13732d552a22cc272860854928531Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in Perl.
9281b4ba2097210d37a8b1b3206d6699Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in PHP.
f85ac4bc37b2a2ef09b1b6c9f64e48dbYahoo! Messenger version 8.1 ActiveX remote denial of service exploit.
d184f3c05f0726a968c63d465eba10dcDebian Security Advisory 1608-1 - Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorization to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorizations.
c3744708947638838c41045af52ff9a5Simple DNS Plus versions 5.0 and 4.1 remote denial of service exploit.
d8d6200a8db9cbe135ad9962188749beMandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.
e067e9635f844806f64c3081f75e1484Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. The OpenOffice.org package for Mandriva Corporate 3 missed the patch application due to a build error. This update fixes that.
8bd061d9f1aa04e66a24a47d77511715Snoop is a GNU/Linux file descriptor monitoring tool inspired by FreeBSD's 'watch'. It goes beyond simple TTY snooping by allowing the interception of any file descriptor. You can attach on the fly to regular files, TTYs, named pipes, character devices, and pretty much anything that is represented by a file descriptor and addressable in the standard name space.
930526597960a2cb501a9de8b3d2d33eSiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives Netflow V5 PDUs and converts them into a more space efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.
287912494f4908511cb57b45dd8c73e5Ultrastats versions 0.2.142 and below remote blind SQL injection exploit that makes use of players-detail.php.
aee92b78cc0a84df00b311fcec99010dWebCMS Portal suffers from a remote SQL injection vulnerability.
98bdf8da8c2c185cc50c99f36dbdab83Joomla n-forms component version 1.01 blind SQL injection exploit.
efa1aef9075e49b2a4616ab128d7ab2cTrixbox version 2.6.1 remote root exploit written in Python that spawns a reverse shell.
90971bc3960ef207e3050812d4f68b2fMaian Recipe versions 1.2 and below suffer from a poorly designed cookie vulnerability.
d9fed84f2a750196d37a76cadfc4ae4aMaian Links versions 3.1 and below suffer from a poorly designed cookie vulnerability.
2f442baa3e22d38deb13ee84ae712416
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed