exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 1,197 RSS Feed

Files Date: 2010-04-01 to 2010-04-30

Secunia Security Advisory 39621
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 2daybiz Auction Script, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | cd879e5523565e51b39e240372bd0ccaf2666048010dd6c4521477691c44716a
Secunia Security Advisory 39612
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CLScript, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d8ae16113423f3a548edbcad0cd589c1e98e2d587584f20857536495c2e26ce5
Secunia Security Advisory 39651
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 313b2fb698616bfaf692fa2baeb9cda98bd4eaddec719e4e65d2b4fc957ea617
Secunia Security Advisory 39656
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, potentially gain escalated privileges, and cause a DoS (Denial of Service) and by malicious users to disclose sensitive information, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to bypass the scanning functionality, gain access to potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
SHA-256 | 3f3fbbdf68920af71c24b6666152b7ce98b88e8d8c1f50497bfb75dc3b0fc4b5
Secunia Security Advisory 39600
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the NoticeBoard component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | db4cd58eef504bbc7dba3abd4247b7f1da672af13128f6ff5cf4638613709a60
Secunia Security Advisory 39640
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in CCMS Gaming, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | d1faa2f8110a24a539192af3c027a6cbf0d87bd57f81b2be75f3885e04ba53ff
Secunia Security Advisory 39645
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Systems Insight Manager, which can potentially be exploited by malicious users to gain escalated privileges and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 3ab18cf0fd3daa1ab957ebc59501a7e6fcead70137ab82dbe0960a1efd32c6cf
Secunia Security Advisory 39564
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HTC Touch Pro2 and HTC HD2, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | abd52b1830bd15b9e5ce7d104b8cb8bde9f244684e1d23e069684bb8f77e373a
Secunia Security Advisory 39615
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Help Center Live, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | e7655e99155313a895987c2ba0446f7b49d5a5527d011f46afefde2d043e0eb0
Secunia Security Advisory 39588
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the ABC component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d66d592e52eebd35f06b3284cf092a8fee7774251edf6ab0e331408c0baf760c
Secunia Security Advisory 39592
Posted Apr 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the SmartSite component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 48fdd54a820615243630794ab2e6c8f1c935e70d4db64cb4a16f9d9548d1ee3f
Botan C++ Crypto Algorithms Library 1.9.7
Posted Apr 28, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for reading SSLv2 client hellos, which some applications still send for compatibility with SSLv2-only servers. TLS ciphersuites using the South Korean. SEED block cipher are now supported. The Comb4P hash function combiner is now included. A bug that caused raw (unhashed, unpadded) signatures of messages beginning with 0 bytes to be rejected has been fixed.
tags | library
SHA-256 | a3eb1d8d5c24874e5cfa543fddcd28a558fcae234cbe1999f81e9a5992de2549
SoftBizScripts Hosting Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0c9b13a3a2f89999e72bb06578ec5b39a4d95566fcfdb3dee94359b77e2e11a5
SoftBizScripts Dating Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Dating Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 50e83f42dd7c942695260a3f890e816fcc4e04c28cfae023022b535d59ad7a18
GeneShop 5.1.1 SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

GeneShop version 5.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e27fb6ff783e27237acb6378e2f7a39ac29fe667c01212e5878147c63fa43727
UBB.threads 6.4.4 Forum Cross Site Scripting
Posted Apr 28, 2010
Authored by Cr3w-D, Dr.0rYX

UBB.threads 6.4.4 Forum suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8cc680403713d3f0b758dc6cc5bf4bf3163c0a46dc3143b365ac7496c0847821
Microsoft SharePoint Server 2007 Cross Site Scripting
Posted Apr 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Microsoft SharePoint Server 2007 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1a31485d6b626dae460a2e3b7d0478f8e6364c68f3ca848d96c887bc981501cf
Mandriva Linux Security Advisory 2010-084
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082
SHA-256 | 312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f
Mandriva Linux Security Advisory 2009-332
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally the patch for in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3909
SHA-256 | d2b192cd78da8edd2e68f462274472b050263f13b309e1cab890312f91302408
Joomla Wap4Joomla SQL Injection
Posted Apr 28, 2010
Authored by Manas58

The Joomla Wap4Joomla component suffers from a remote SQL injection vulnerability in wapmain.php.

tags | exploit, remote, php, sql injection
SHA-256 | 331b9a8efe96a951f20193899004794dd17f40ae7d253aca823fcb3dc75f1854
Tele Data's CMS 0.9 SQL Injection
Posted Apr 28, 2010
Authored by AutoSec Tools

Tele Data's CMS version 0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c34f67555fc70368e4139fb4d22613428c7d1dcbf726225359040eb6bda3ba3
Mandriva Linux Security Advisory 2010-085
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-3615, CVE-2010-0013, CVE-2010-0013, CVE-2010-0277, CVE-2010-0420, CVE-2010-0423
SHA-256 | 209643718e8208dbef837eae2a003ecf460b9808598317b3e97888b1d0d1d215
Mandriva Linux Security Advisory 2010-078
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2010-1163
SHA-256 | 434d5ae46530ca84b4e40cec180a734b59057077f1e870dbe4462b04e8ee1772
Safari 4.0.3 / 4.0.4 Stack Exhaustion
Posted Apr 28, 2010
Authored by Fredrik Nordberg Almroth | Site h.ackack.net

Safari versions 4.0.3 and 4.0.4 stack exhaustion exploit.

tags | exploit
SHA-256 | 938050b12d8e854b8d626299c5b02d2478693ccb82a3c9f2f0e60fae7b36d4e9
Zero Day Initiative Advisory 10-079
Posted Apr 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying invalid Base64 string within the Authorization header. If the string is not proper Base64 the vulnerable function returns -1 which is not verified and is later used as a length to a string copy routine.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-1317
SHA-256 | 82b64874e461a91bd5206c27ae63f5c67cc13feabbf3505aea024977b045e5c3
Page 2 of 48
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close