NPDS REvolution version 10.02 suffers from a remote blind SQL injection vulnerability.
c2a3cab57c4e399a03355de30c3da57875514424940b2c2136c167af04c834bfKapitalist version 0.4 and Capitalist version 0.3.1 suffer from heap corruption and denial of service vulnerabilities.
42272e8426849e04f0fffbb049a97ef26ed5f3fecaf48fc99f9e00e87fa0982fBlaB! Lite versions 0.5 and below suffer from a remote file inclusion vulnerability.
19bdc922dde112a38db62a54da9b83675387f6416b8a6f155d96ccdef693cbdaThe Joomla Konsultasi component suffers from a remote SQL injection vulnerability.
57b8bbc4dc53081da7df31627682621c368eaa0cccbbece9a4e2259ae11c6289IPB version 3.0.1 remote SQL injection exploit.
1627de9a57fa8a18135f95dcd53a28ab963518280e24b25fe2f88e95751dc673The Joomla Wrapper component suffers from a remote SQL injection vulnerability.
b4027c67a968632de71da152213ce783687b977900eb76d725797b30106b796ePlanet version 2.x suffers from a cross site scripting vulnerability.
f56a213a078b25ed1f2a0ce435352aa43d0fd43e658e53d39c73f3e611867dbaSecunia Security Advisory - Grabpot Thundergust has discovered a vulnerability in ocPortal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
ed767cd108014eaf60750307cf9a69149ba5fe6b36aaade19bb7fd53d8321bebUbuntu Security Notice 938-1 - It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution.
746315ac5a48a3f82a0b9ef9941e3f39092871f70399e967ebb36f5e00d31a5eMandriva Linux Security Advisory 2010-095 - There's a race condition in libXext that causes apps that use the X shared memory extensions to occasionally crash. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The corrected packages solves this problem.
acdafbf22f6b911420511e7f7e66000b4f1f998ac233fc90b0ef1418b63ddf73Mandriva Linux Security Advisory 2010-094 - Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long.bib bibliography file. Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file. Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The corrected packages solves these problems.
1daa265999930ca2d9df2cbe02735d4f6dfa550c99969b1603e181f9469ec1b0The Joomla Advertising component version 2.0 suffers from a local file inclusion vulnerability.
a6b2b960ca240f513be76e59621634457cd24948bfbb43ec466fc421ae9e8d91Palo Alto Network suffers from a cross site scripting vulnerability.
3d0c6671fe43e34bdd0787218ccfb7f63893f06919773d0ff6b4725c89c700ecCisco Security Advisory - Multiple vulnerabilities exist in the Cisco PGW 2200 Softswitch series of products. Each vulnerability described in this advisory is independent from other. The vulnerabilities are related to processing Session Initiation Protocol (SIP) or Media Gateway Control Protocol (MGCP) messages. Successful exploitation of all but one of these vulnerabilities can crash the affected device. Exploitation of the remaining vulnerability will not crash the affected device, but it can lead to a denial-of-service (DoS) condition in which no new TCP-based connections will be accepted or created.
6b7875712dee6c2d9c034d9ed7cda093583b266d6e0bba37577d97be88566979The Joomla Seber Cart component version 1.0.0.1x suffers from a file disclosure vulnerability.
c8288a531ddab3f66de2b60b76607cbeaa730ba14f9a9f67cb84c26fe1cce193Damianov.net Shoutbox version 1.0 suffers from a cross site scripting vulnerability.
0bfa26ff5006457549a6a95064d9656c2c855b7382c4bbab69d63cdcc746666dZervit Web Server version 0.4 suffers from directory traversal vulnerabilities.
412f5bd324eda0957fd5a0e89ee6bacf545e251ff2eace1b61f5f221fde95db0Zervit Web Server version 0.4 suffers from a source disclosure vulnerability.
6c805cb1027e40126e41e44719826c6fd8ba45f40b1b10441a9ae7155c02d7d2Miniwebsvr version 0.0.10 suffers from a directory traversal vulnerability.
052a9e83d6d12c884693267a9e95733ea1c72e8fcbe5a5c85ef306156d415d62Poly Pager version 1.0rc10 suffers from a shell upload vulnerability.
12f6680f76c475a70802465f89309093063c1433b856f16ab0a2d2a4a0c20de54images versions 1.7.7 and below suffer from a remote command execution vulnerability.
3523c63c8e834f9d8b52dbb36406953d6ed16dbe08e7e89ff9e0473f4c60766aSecunia Security Advisory - A vulnerability has been reported in the Dione Form Wizard component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
a4a013a86002c8c08896ad9f2cd34e6e168cc010bf18d38d92a4ef9b1e5afe06Secunia Security Advisory - Grabpot Thundergust has discovered some vulnerabilities in RuubikCMS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
a5a4d92427c6c019ce415773ce68b36cba2dcd51d42477490b86b2631708299eSecunia Security Advisory - A vulnerability has been reported in HP MFP Digital Sending Software, which can be exploited by malicious people with local access to bypass certain security restrictions.
2f2fd428359122af02df87b1a657e7cd15a205f1084aa199c64af3cd3baada94Secunia Security Advisory - Debian has issued an update for phpgroupware. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.
f45ffe620d5dc43ad1136357ce609f146bfb40c55f8ca4ce27a8e087a7f8403b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed