SIU Guarani suffers from information disclosure, file upload, and remote SQL Injection vulnerabilities.
11675374fb1fa62ad61601f39365f126bb06bd39e8f55b3f48d6eb165c147d9eDebian Security Advisory 168201 - Ivan Markovic discovered that SquirrelMail, a webmail application, did not sufficiently sanitise incoming HTML email, allowing an attacker to perform cross site scripting through sending a malicious HTML email.
b37e6d28638f92ee2556f72ac25b124f3a8848d6bb63479f35654cda8a3da5b7ezgallery suffers from a remote database disclosure vulnerability.
4529ff5baa5cacbf8515c72c33d9ff0295c6b482eec09d3df4398fcfcbaddc56phpMyAdmin version 3.1.0 suffers from a SQL injection vulnerability that can be leveraged via a cross site request forgery vulnerability.
6fea7c89f574af0d28b9bebdb2cdd757f68eb0587fa6b37c18ae7ac1c782cfd5Simple Directory Listing version 2.1 beta 1 suffers from a cross site file upload vulnerability.
d41b2657c76cd59cd7b128d92c25922e04bdfc553a395a9b214d7bc493cb743bDotNet Blog suffers from a remote database disclosure vulnerability.
a8156cecdd596a32469d2848f14a0e69a96fb6b95fa068ba95f9eebe43ccf8fbASP Server Info suffers from a remote database disclosure vulnerability.
cbeafdec8ff685d60deceb162aeb8cb18cd9185bac8438505ec1c9f221ff218bHacking Bash History discusses about why the history mechanism of bash cannot be used as a monitoring/logging facility even with the strictest measures applied to secure it. A section of the text is dedicated to hacking the bash source code to interface it with syslog.
664907504e0403cff84e669772a659f42d9afd1ce6f9686ef6d6fc7b1c4948aaLocating Stateless Firewalls focuses on methods to discern between stateful and stateless firewalls. It discusses about how stateless firewalls can be further exploited due to possible misconfigurations and the result of RFC ambiguities.
92d70c1c1a8bf87994a15eeeeb1e386c40d0cbd93cb04ba70c8be0cb5f7f9dd0This paper's purpose is to explain the often misunderstood nature of raw sockets. The driving force of writing this text was the curiosity of the author to learn the ins and outs of this powerful socket type also known as SOCK_RAW. What is going to be discussed here will *not* be another tutorial on how to hand-craft one's own packets. This topic has been overly discussed many times and one can find quite a few references on the net about it (mixter etc). What is going to be discussed here is what raw sockets do behind the scenes.
e34013ce5d7e14ab4a3bc4b93aca009bab908303d63fe43a0d0f483523fa035aMG2 version 0.5.1 suffers from a remote code execution vulnerability.
3cb15f8a4a3de1019b13bbfad475d45453bb6d3ad0436e12ed1190f862dd4556Complemento is a collection of tools for penetration testing. LetDown is a TCP flooder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". Reverse raider is a domain scanner that uses brute force wordlist scanning for finding a target's subdomains or reverse resolution for a range of IPs. Httsquash is an HTTP server scanner, banner grabber, and data retriever. It can be used for scanning large ranges of IPs for finding devices or HTTP servers.
a9c415af494e5be03b60dde1ffa3bf530546c49c85c8648c3fab1f8a7ec24f93PHPmyGallery Gold version 1.51 suffers from a directory traversal vulnerability in index.php.
8967baaa8008e70109e6f6feeaf5db059cac3c3d73e1b98adcbf83dad46045a1ASP Talk suffers from cross site scripting and remote SQL injection vulnerabilities.
8c2f5c8a96fc1631895334fe38e40167fcacb7601577c0fddff24576c05e4a0cQMail Mailing List Manager version 1.2 suffers from a remote database disclosure vulnerability.
90d1a37c7bad888536c133a977e1f080ceab18f0b6dbb7777fa6916c7e14fe60Mini-CMS version 1.0.1 suffers from multiple local file inclusion vulnerabilities in index.php.
def974c2180f48d1486a2c4e13e1c298bd4172a9267a078e418f8352d255d801Mini Blog version 1.0.1 suffers from multiple local file inclusion vulnerabilities in index.php.
53d751d23b601bdf062f72b3398311f42abe32784deb3f3b65f97bf002177c67ASPManager Banners suffers from remote file upload and database disclosure vulnerabilities.
792e8c2c931c4c97c9ebeb965587c8e106a94c2f53236efd21aead1056a3c2b5Ikon AdManager version 2.1 suffers from a remote database disclosure vulnerability.
51f909d59b34ef0f93063f8f968ea0c3fa55d6197875e5de656d6c9b4bf0f2fbProfessional Download Assistant 0.1 suffers from a remote database disclosure vulnerability.
868f650e55b7f9e6df9282e7bced30db5e1e0b1e07fa61a5f1d0c96a7b2dc3c9NatterChat version 1.12 suffers from a remote database disclosure vulnerability.
e976b8907ea9a2418a4c2cc760f384d1b08969f6b3f1bc9b3218727a4e5fa1f5w3blabor CMS version 3.0.5 arbitrary file upload and local file inclusion exploit.
450a6728bf2dde66bd644cac5eca5c523e70579823c6d81308c24d1cd1e93fbaProduct Sale Framework version 0.1b suffers from a remote SQL injection vulnerability.
36e3328540b8f382a00f87a9a737cac8cd21593d5cd19d774fae66295a72d3d6PayPal eStore administrative password changing exploit.
3141673b240678884ad6ce5c3f4fc13b46d1f7ce1cdc0090028652b164fc039bBonza Cart versions 1.10 and below administrative password changing exploit.
c8f97716c522710d777c85a907c4e97bcb2c1d8f4fec10cac3efd8695727e6da
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed