Yourownbox version 4.0 authentication bypass exploit that uses cookie modification.
3a3ebc9cb2e25823d058339b88e2c0462c7dbbc42b656cf933d7eb66add731fb
56-byte setreuid, execve(pfctl -d) shellcode for FreeBSD/x86.
9f0ec696e7b3ac3dcc7755ae7e73a249c3f2fb62e635e84b71bf5bfc525ee831
WebPortal CMS version 0.7.4 and below SQL injection exploit that leverages download.php.
040b9a047d86b445f68060a948eb32e5b269fe418667ebcd7e12fc5c1b27e738
iBoutique version 4.0 suffers from a remote SQL injection vulnerability.
756d22b1aa731e7828784a8538d997d75f175ca58d434a756cd2711760ef5931
Sports Clubs Web Panel version 0.0.1 suffers from a remote file upload vulnerability.
4536731a7629eb760b382eda49ba6990491bea70aed3cf05f572999c13918064
Sports Clubs Web Panel version 0.0.1 suffers from multiple SQL injection vulnerabilities.
f987c0942f61ed50dc25afc5304b57b28f604510e9b711ce1fc63b47bb5f676e
Easy Photo Gallery version 2.1 suffers from an arbitrary add administrator vulnerability.
b9fc7189c56503910212f2570f0afcacff08e6f9f5e04d1569442e076675d575
PhpWebGallery version 1.3.4 suffers from a blind SQL injection vulnerability.
e72313bf05befc98bd8bf020327dded015cdc94a328144d377f1b9945cd61695
Absolute Poker suffers from a remote user enumeration vulnerability.
034af54b9dac02c196dcacca9302d0e450bd616d28cfa4559abf4e15753d65a0
Mandriva Linux Security Advisory - A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code. The updated packages have been patched to prevent this issue. As well, the patch to fix CVE-2008-3281 has been updated to remove the hard-coded entity limit that was set to 5M, instead using XML entity density heuristics. Many thanks to Daniel Veillard of Red Hat for his hard work in tracking down and dealing with the edge cases discovered with the initial fix to this issue.
1e3f41aed1bbde242e20d768dd1cd631a00b1b0292f0e84a50929112613e0636
Mandriva Linux Security Advisory - A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server. This issue was originally corrected in MDKSA-2005:100, but the patch had not been applied to the development tree, so released packages after that date did not have the fix applied. This update also corrects an issue where rexecd did not honor settings in /etc/security/limits if pam_limits was in use.
bded2d87701a28901e50b4ea42a719106d88f4b21271c291b0275243ab8f2032
Secunia Security Advisory - Multiple vulnerabilities have been reported in Easy Photo Gallery, which can be exploited by malicious people to bypass certain security restrictions, and conduct SQL injection and cross-site scripting attacks.
39b9b453a404b0c315966b80068b899b25d7805af1dd855e90574fd9b6e12039
Secunia Security Advisory - Some vulnerabilities have been reported in WebCMS.es, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
0a11140b84f4ae4c30edf1f49870c0f9dc36de655bfef7cf8d6225008706fb96
Secunia Security Advisory - Ubuntu has issued an update for postfix. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
974f684854ece91758ad254bb64d8b4154e9dbcad43448927984a03d4fa03f08
Secunia Security Advisory - Juan Pablo Lopez Yacubian has discovered a vulnerability in ZoneAlarm Internet Security Suite, which can be exploited by malicious people to compromise a user's system.
2bc902773a2eaaba6e3fc20a4954e741befe679b8e71d15599a150c8cbe59926
Secunia Security Advisory - Ubuntu has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
6c62c82f51a9ef706c4de6ccb2b3c8afcad2afdab42ffb26474d358465868858
Secunia Security Advisory - Debian has issued an update for linux-2.6.24. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information.
c35e1513ca60b1b189d65f02e614362f3a3828662b226c6082bf73626d27c522