Debian Linux Security Advisory 1978-1 - Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP.
69f85bade634aaa80b3a1ffe6f5ddcafd82e697ba944c468ffbf9fa38537dbdd
Whitepaper called Methods Of Quick Exploitation Of Blind SQL Injection.
c69a4c103d432b2d88223df4dc98088b20c316605edf6809bd15d959593d2fd5
LookMer Music Portal suffers from a database disclosure vulnerability.
a3ee94babad164467618891403ee460acf6ea0ce265ec1b2dc0617c058fd9c7b
Basmi Okul Scripti suffers from shell upload and database disclosure vulnerabilities.
4862a4f33b48b143c77d2cf8b1b48377ec8d80bb4ea2eef7e2809cb304ab5dd3
Discuz! version 6.0.0 suffers from a cross site scripting vulnerability.
bc946b356870b8085d969310360a71bc24171d2134452572fcd12fdece9df47a
Mandriva Linux Security Advisory 2010-026 - libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a '\0' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
d24aa6b26a33a379ee5a3aeb6a16a1856818804de3fa37eae392f97c6825290a
Ubuntu Security Notice 890-4 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
42a2daccd8cc1406010126b963ee66d202639413a9de1bb48654443115f644d7
UGiA PHP Uploader version 0.2 suffers from a shell upload vulnerability.
f8b27d4b44d0f381b3a521dd8e4bb36a8ac5308048e9d8bf34b12f6a9990bde6
This Metasploit module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3.
d1b1cd0b24c521c3ac658150a5658356bf2ad8fce479a3690ef93ddb1ce99210
KOL WaveIOX version 1.04 .wav local buffer overflow proof of concept exploit.
4c9d7c267dc16e081588cd99eab9a6bc279c175609e568fe2dc4497dc8f21c51
KOL Wave Player version 1.0 .wav local buffer overflow proof of concept exploit.
a8ef8bc0c251dbfab265c626b091962902c509e4cad875f7b9efb517bd032906
This perl script is a simple encoding utility that converts data to Hex, Unicode, etc.
2b30fb69bb60fef848c4afa61d58fad18d20e6e793de647d90fe8fd5c59c4af2
The IBM DataPower XS40 Security Gateway suffers from a malformed packet denial of service vulnerability.
22f95689d88e5a8859a94456da4be2b3876d90089600c32767be934074c15957
Microsoft Internet Explorer versions 6 and 7 local crash exploit.
4919b1da84a18ee8dd1946be9767fbd69d36552aef4bed91d749811ec7aa7886
Secunia Security Advisory - Trancer has reported a vulnerability in cPanel, which can be exploited by malicious people to conduct HTTP response splitting attacks.
a7c37a1685d9a31cc59ef4367bb453cb4f7de21dd5869597f71ee3e509b6f7f3
Secunia Security Advisory - A vulnerability has been reported in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
bb7784179150a0693fe149a19bfe158575e7985a64d4f6d3afaf6563bf408ff9
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious, local users to bypass certain security restrictions.
f71dd45568764812b2462e52e2193e8989f5193f8d943c2b8c21305b7a18e79b
Mozilla Firefox version 3.6 suffers from an arbitrary setting of Personas without user interaction.
c0a381292581d3fcf994fd260f74219521dc77f1c33df1488cff34970457cc73
Secunia Research has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a use-after-free error when trying to display a blocked pop-up window while navigating away from the current site. Successful exploitation may allow execution of arbitrary code. Version 3.0.195.38 is affected.
ca51a53be3e2be60a135aef75af0e1b2b44ab80b91e0ccfa337b8c33ef7be350
Joomla version 1.5.12 suffers from remote file execution / local file inclusion vulnerabilities.
a835dff9a8ce1c69ba0f9042398b4a9f1c7a7e1357438f432017e7ac275354b2
Joomla version 1.5.12 suffers from path disclosure and local file inclusion vulnerabilities.
34c9c59dbb357a2b1cbbbe48015e34d9b35753de40daafbf09042cabbfe2a13f
Debian Linux Security Advisory 1977-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution (etch).
28197fcb1e4306a91d0fa3becafcfc0ced03343e6c675879be0de7506a38c77d
Publique! Framework version 2.3 suffers from a remote SQL injection vulnerability.
b5c3513c8949c151cfc05bdfe1cd8973445f1bbc09b6cebdbedbef350dbaac2d
Status2k remote add administrator exploit.
0963d7f0df034726c05cd0e475a5566182a77d8c09f06d0ec2194f29055d6b8c
The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers to bypass authentication and access sensitive information stored on the device.
0aa31d61a17571c0fb1db50bfa89f614672ac6e1de71f37e6ea906313453af1b