Multi Website version 1.5 suffers from a cross site scripting vulnerability.
a5e6824c181db59e45207fcc21fa480eb67b37db6008fb033a053094361a36e4Debian Security Advisory 1850-1 - Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug.
81fb930ff96e23d185d8dbaabb5f114ab92989bfd83a85581dbbf7cb9e4a1f7cOpenNews version 1.0 suffers from SQL injection and command execution vulnerabilities.
69928830aa3899fc302a0071d63fd2b94c20bc604a0fd1bb2b1f14fb8feae246This is the web UI for the Xplico network forensic analysis tool.
bc90beb54356bd5dc7ed1b1e5d00b6228776e240a62feab26eaf073ff4dd778cXplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
0a3af6d2072476f7a6ebb7cbbf8f2c9a549d43bf4f2629909d37a1776ad823baAftablog suffers from a cross site scripting vulnerability.
5375a26e337cc8e3276e33b3fb51a6edbc1c3561c4880227957d7a9fbcc52d8eHP Security Bulletin - Potential security vulnerabilities have been identified with HP Serviceguard Manager B8325BA (Stand alone). These vulnerabilities can be exploited remotely to allow execution of arbitrary code and to create a Denial of Service (DoS).
f6d04ff6fcc7ab31c8f7311d599408d1f779e76c5ffe7712a160db23439cc987Perl$shop E-Commerce Script suffers from an input parameter injection vulnerability.
b0b105f5c579241f90cdc06fa32430cdd7d657ac7d0f7583b6a3099571901b8cFiked is a fake IKE daemon that supports just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi-MitM attack. Basically, knowing the pre-shared key, also known as shared secret or group password, the VPN gateway can be impersonated in IKE phase 1, in order to learn XAUTH user credentials in phase 2. The configuration supported by fiked is IKE aggressive mode using pre-shared keys and XAUTH. Supported algorithms are DES, 3DES, AES128, AES192, AES256, MD5, SHA1, and DH groups 1, 2, and 5. Main mode is not supported.
94badfbb545c4f0f4092a937d20a277a5854093417fd93f61c92b4bdea3f03faelgg versions 1.5 and below suffer fro a local file inclusion vulnerability.
dc52921cd87d251005156724a5644a59e707f684921d2a4f1e1c88b46ed0b7bcPayment Processor Script suffers from a blind SQL injection vulnerability.
342f36838608f75caaa04e9e22409cab51e067306991cf42776ec7ef7eece83aMAXcms version 3.11.20b suffers from remote file inclusion and file disclosure vulnerabilities.
5177336ed8b1b5c1810bbd8e64148b1569d23eae3500f713ff2aef57c25114f0Blink Blog suffers from a remote SQL injection vulnerability that allows for authentication bypass.
9273d24b63f5363595b57eac4ff67279e1c11f9c54a06bb6cee40678a70ff07aDiscloser version 0.0.4-rc2 suffers from a remote SQL injection vulnerability.
e6b7ca675f005a5bf1e926c4721a2b2383a5762f040fd409538d8f8052e561daUploaderr remote arbitrary file upload exploit.
8938105dc52c4f3ed77632d06840917ac648d83ac2384c95e4749d61ee928890Asterisk Project Security Advisory - An attacker can cause Asterisk to crash remotely by sending malformed RTP text frames. While the attacker can cause Asterisk to crash, he cannot execute arbitrary remote code with this exploit.
7cdb743f4d11e06fb523803f2e6f40f3d378378fd8b9554a26d5efcd6ce48db9Mandriva Linux Security Advisory 2009-191 - Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information. The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer. Buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. This update provides fixes for these vulnerabilities.
dfedef316c0434e4da68e94dd8b4edea8b9272dd21d5404ff868ca260697963eArab Portal versions 2.2 and below suffer from a local file inclusion vulnerability in mod.php.
e7d75ccb6f37aba8588c85f27a2b861477b4601c0d7ab215a2830b2b788bb367Multi Website version 1.5 suffers from a remote SQL injection vulnerability.
87392b984b905648dbd1c969323446248e35b5092f3c4c0835887e5d0dd05612Questions Answered version 1.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
14b7d3f7cdae6bf364f020117f75ccb65aa8e5915b3c3128576ec72ed3f98348ProjectButler version 1.5.0 suffers from a remote file inclusion vulnerability in pda_projects.php.
de34fee8a7ea21c1d0e368e62b352c9fa113f03285bf432a69b2a27fdcdb208fMandriva Linux Security Advisory 2009-190 - Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information. The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer. This update provides fixes for these vulnerabilities.
9fba3f9b676ff2bfb13c7bd429624b68128af6b7dba38ab4df821402a9de46dcServeez versions 0.1.7 and below remote buffer overflow proof of concept exploit.
2c7482454cb13cd0ff6733500bdebdee4f6eac46cd907c0579dd13fc4792029e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed