CodeDB suffers from a local file inclusion vulnerability in list.php.
56a2663dce48b0521bb75e349218563a73d072d01c14cfb3c65d04310ef30ebeScripteen Free Image Hosting Script version 1.2 administrative password grabbing exploit.
6a0a610f81f0863e880117b1e3ac6a87e0141fd6b9b5fdce033db61209d64ce3ITechBids version 7.0 Gold suffers from cross site scripting and SQL injection vulnerabilities.
3738018d4c007f87135d3353ef09c273379c8aa5348129adbff3cafca24ae3c4Pluck version 4.5.1 suffers from a local file inclusion vulnerability.
97359dbd07b27df4394cfd514c94a283ac92098fcbf90ff15c5c3cfc0e028c60The Call For Papers for DeepSec IDSC 2008 ends tomorrow. Get your submission in today!
20b960645ed6dfedd3a4d472a94e74ca34f364ce7013583ff139630ebb4895f6FreeBSD Security Advisory - The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
fb04e361ce950a2eb37bbee1c2ca35ab538b362079ecb611780d440663993f72Avlc Forum suffers from a remote SQL injection vulnerability in vlc_forum.php.
6179f2da4d08d4a167d084865f97f3185b39cff49c836ed0b85fe2c00a6cfe71MFORUM version 0.1a suffers from an arbitrary add administrator vulnerability.
807f18e60215df83baf72791fca62e63d51add18a51c869243eddde68c0bb583jSite version 1.0 OE suffers from SQL injection and local file inclusion vulnerabilities.
fdd01faf208fb1601f555295be0fe1dfc2afd66dfe54d830f0c6ede0312317a4Fuzzylime CMS version 3.01 remote code execution exploit that leverages commrss.php. Written in PHP.
bfb84d50396053f20de768ceab95923c2ab02c1c3871d340f8128bd4c32e42cfFuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in Perl.
14aeffdf9e319fce05296d28467b43e83c68ba71e5948fae3423e2be99820120Fuzzylime CMS version 3.01 remote code execution exploit that leverages polladd.php. Written in PHP.
a8c44acead9986af75368b435f55146aa609a6ffaefd0d7e3f9ac812287aa5b6Yahoo! Messenger version 8.1 ActiveX remote denial of service exploit.
b86529c5c94705d2fa1eb098389b8c296df0db1270649c873ef34d3cbd30931cDebian Security Advisory 1608-1 - Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorization to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorizations.
f36bea7ac060105616e86d6befc0a778abc8db40a7c072eabdd764d2b4e156aeSimple DNS Plus versions 5.0 and 4.1 remote denial of service exploit.
6c347700d81e481ba932dc2c036c6a9ad7f8890deff1e0a3dff7bfebc77dbe17Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.
0086e0b69ef62cdf3040c7dbe542813ee38fad87afd143e3d4de43d040215a78Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. The OpenOffice.org package for Mandriva Corporate 3 missed the patch application due to a build error. This update fixes that.
cba8ef6fe369d68f51876e63cd4e84efabd1b52022f827bc2ffa123464041e03Snoop is a GNU/Linux file descriptor monitoring tool inspired by FreeBSD's 'watch'. It goes beyond simple TTY snooping by allowing the interception of any file descriptor. You can attach on the fly to regular files, TTYs, named pipes, character devices, and pretty much anything that is represented by a file descriptor and addressable in the standard name space.
ac10fd95cf6b885d3ca967216b94200f527e87415a52f0f743d521a845da925fSiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives Netflow V5 PDUs and converts them into a more space efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.
a6367a8c25a709527279819c4ec474da194eccd5bb306d9b195f22e9f7ad640cUltrastats versions 0.2.142 and below remote blind SQL injection exploit that makes use of players-detail.php.
019e21465b24053ea907149e640207acc794f0d6201b1b7a809e5c5162b188fbWebCMS Portal suffers from a remote SQL injection vulnerability.
8c0060a7cca56e19e7977dcdc0f0ee2f5f3d7ebf8a2ea6babdfc83f6164d55d1Joomla n-forms component version 1.01 blind SQL injection exploit.
2563504ee8b94b0f75e1a2841c690b08d2c111348c01ad6c28cefd90ea8cc090Trixbox version 2.6.1 remote root exploit written in Python that spawns a reverse shell.
3f6ae161657fee10bb1b94f8851f662ec45c6d00a9982ae5161a385caba2cc38Maian Recipe versions 1.2 and below suffer from a poorly designed cookie vulnerability.
c01a73156e6de4fa6d759d7ca6ad2eecc65ff0223e229fcdb73deea384319e23Maian Links versions 3.1 and below suffer from a poorly designed cookie vulnerability.
007bf1d1fddad50e1b187cc8bd740a5c3dc8dc39919720f1b4fe547e052c3afa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed