I-Rater Basic suffers from a remote SQL injection vulnerability in messages.php.
f44d02801233ab4da9be2c297e974ff8733001a42f220d261f2134ba08f7f66bInjader CMS versions 2.1.1 and below suffer from a remote SQL injection vulnerability.
6f746f14cd77dd76c645a78e171cbe64969d6dffc65ff4330f051ae73e04c6d7Calendar Script version 1.1 suffers from an insecure cookie handling vulnerability.
f6d5f922b49a0d67a88b3262aad7cc20a28e7d0e1b8a898d01f0ab9e039d9932This vulnerability was originally reported to the Apache Software Foundation as a Tomcat vulnerability. Investigations quickly identified that the root cause was an issue with the UTF-8 charset implementation within the JVM. The issue existed in multiple JVMs including current versions from Sun, HP, IBM, Apple and Apache. It was decided to continue to report this as a Tomcat vulnerability until such time as the JVM vendors had released fixed versions.
e900270f78788247830b00a35c41b325144bc065b616b71c79bd1ef3ec0ed86b2532|Gigs version 1.2.2 Stable remote command execution exploit.
fa507c5f0a6702fdea43c9fdbb7c6d97de817d690a4c40efad1278c99431ec902532|Gigs version 1.2.2 Stable suffers from a remote login bypass vulnerability.
b92ec05691fb7744af74baaf967dbd0f4466361097ed62af77aef12cd8311c262532|Gigs version 1.2 Stable suffers from file upload and local file inclusion vulnerabilities.
d688d779c939c82a7773e68bd0a2bddfbc496db9d1ed2b3c0eaa7e19352d8d08Wordpress version 2.7 password hash attack tool.
30d6307236524b8d061f1e23c91bfcbdbb9a483afabb89d74266758f3be6f94fE-Smart Cart suffers from a remote file upload vulnerability.
2ff28932cfa6530d4666dbddcb94ca50c9cafc75391839f75c0819f2c45c47dcE-Learning Portal suffers from a remote file upload vulnerability.
609154c940f4bb4bf338ad2f70a946a0fa0d92fde680b41ac37696ea261a9dddSun Solaris suffers from a SIOCGTUNPARAM IOCTL kernel null pointer vulnerability.
a891f595f6f13435a2f5b8eb4f88c409b8f3d63c0a46587d1d8311e4fb22ed15EasySiteNetwork suffers from a remote SQL injection vulnerability in joke.php.
db8af0d393b805d4f9c3258d7ab0a043c8e62000fde5de1d878914e0f5dd91fbJASniff is a small handy graphical Windows TCP/UDP/ICMP packet sniffer. This tool will be embedded in the MSF-XB exploits development platform soon.Full source and a binary is included.
6b72a88cfe89a5313587d5fba7cc23c2b8067328f13b9efe6198926a12e185e5Mini File Host version 1.x suffers an arbitrary php file upload vulnerability.
5a8e464621c704590941b30390c8a4f5bb92779dbc65d524f377ff4ff6a52920QuickerSite Easy CMS suffers from a remote database disclosure vulnerability.
82034aa234a2d6b85c8be84b138d50bf1d40c22abcb6ebcce8b351e72923416dTinyMCE version 2.0.1 suffers from a remote SQL injection vulnerability in index.php.
bda6d2af696f540ec0f9fd474555d489de9daf79fd1934ddc2b39f66d440b152The Joomla Tech Article component version 1.x suffers from a remote SQL injection vulnerability.
74a9b7ed27c83f47b6ba4fa73482cff27e6bf2450f91c5c18e0cfa0113bccaceSamhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
501c715144fbfe9b3cd17ab20de171782c8bdf2823ddadb991cb1bc4a252bbaaLizardware CMS versions 0.6.0 and below blind SQL injection exploit.
b189ae58bf078dce2b8316b9eca3b50f29d138a3017092b935e9934de369e28br.cms version 2 suffers from multiple SQL injection vulnerabilities.
dd1b2f42181c15daf01651d6862ed52aabee2271bfb2fcd43a19affde8cf42b4sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.
fd47be9ac455b207a54a975f54d8a5e80fbc48844992b666e5c976e55a1f96d7Mandriva Linux Security Advisory 2008-245 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues.
8e8a124d3442c7f7e103e33992e5c8bfc960102e2339c8903eed555f5a12867dUbuntu Security Notice USN-695-1 - Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.
24c7617bdfd0890f4289a1db8b2fa6d9dddddd879bc7d8f43b46de458e0d9f93Ubuntu Security Notice USN-694-1 - It was discovered that libvirt did not mark certain operations as read-only. A local attacker may be able to perform privileged actions such as migrating virtual machines, adjusting autostart flags, or accessing privileged data in the virtual machine memory and disks.
fde4991571a0af53b9e549fc4264b639d09bf22a7da9e0cba9e83a0705496305Ubuntu Security Notice USN-690-3 - Several flaws were discovered in the firefox browser engine.
7cd6de3e24fa478d5f29d6ca1ebe9883eeea6fd0f297d074dcac90ac0ee11ef6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed