79-byte Solaris / x86 remote download file shellcode.
baf9171bb2d5a9bc4583a277d034b41d4e3d7397d5fe235639fb3f2f73f428dd
Website Design and Hosting By Netricks, Inc suffers from a remote SQL injection vulnerability.
2687aea2d8171fd5e4bdcd12db9019770c8976d0e051d175af9a8044e453258e
Microsoft Internet Explorer 8 suffers from an arbitrary file read vulnerability.
3258b2dc31c08f0742853dcebff0e0444aaf0f72c9ad7968d77d4562e0b95c01
Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However, the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
ff1c81a7124ac3182baaf60163657e7a541a27e788975c4c697b8f4c4561a02a
Month Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
274ba71a6e53ef04fb807692afac1c424fb46450b6fe5462b7db26ec367c4416
Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
2114e80fb67165abaa4f330235c37963b5138cfd8dcdb9ba0b476734e41fa993
Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
6d847b738c636eb4f640142e72e0b46a26a2e4392356290dcf389a42c4b57155
Month Of PHP Security - PHP’s htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
6d393c315c5467e139f5d0406c2433248990c6ecc6bf52111a89f5d78d6333f9
Real Estate Portal suffers from a shell upload vulnerability.
bc773363b1f3f1f39ab864e23861a3c9c74a5eee069655b206392472ca0f0b33
Month Of PHP Security - It was discovered that access control to the [php] bbcode which allows executing PHP code is wrongly implemented in e107. This allows unauthenticated users to execute arbitrary PHP code easily. e107 versions 0.7.20 and below are affected.
9e5e13070e5b1bbb208fabf81b566739464738bffb9c5bb3ff0a0421519c348e
The MKPortal Horoscop module suffers from a cross site scripting vulnerability.
5cd99b2b28c90012d2621fce1bc0d12c673e3eed4cf702644ac3592edd5f809f
Month Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
08ee43cbc95c598ee383529242b6261189ff5b0ff455b68a97bde61b467737a1
Software from HostFriendz.com suffers from a remote SQL injection vulnerability.
3b2094ccb61611208696bd23284f3bccbec8f621821c9bb28508a7739e661935
Month Of PHP Security - PHP’s iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
645c4430db4a9b9297b0921897e599d7efa4b474715e9e39c3c5c3413aff47a3
Lizzard Active Media suffers from multiple remote SQL injection vulnerabilities.
60547b8115aaac6da072ca02e708470c806e2c9c0d8e4e1341e12f2cbc507893
Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
d18872107c1dda39b76981664dc3403c8e50ea470b81d3b0498d2a2b02444189
Month Of PHP Security - An SQL Injection vulnerability was discovered in the user settings dialog of e107 that allows any user to become an admin easily. Versions 0.7.20 and below are affected.
7764fa816c681b9e1f35443ed5a5834ca32d0cf19952369802e37f00f1158457
The Scientific Atlanta DPC2100 Cable Modem suffers from cross site request forgery and insufficient authentication vulnerabilities.
526edd304fca1c5a00df908a6e6c705539bd6f5e7a759e2196082becea2fc227
Debian Linux Security Advisory 2052-1 - Shawn Emery discovered that in MIT Kerberos 5 (krb5), a system for authenticating users and services on a network, a null pointer dereference flaw in the Generic Security Service Application Program Interface (GSS-API) library could allow an authenticated remote attacker to crash any server application using the GSS-API authentication mechanism, by sending a specially-crafted GSS-API token with a missing checksum field.
6f3d78e03ea57964721893e934702126fc045a2b77d0bd036864e7d173302c72
Month Of PHP Security - A local file inclusion vulnerability was discovered in CMSQlite that might allow remote PHP code execution. Versions 1.2 and below are affected.
c42ae5c025360afcc5198f641ee48d83cab08933bf20481af75643e96227a51d
Month Of PHP Security - An SQL Injection vulnerability was discovered in CMSQlite that allows retrieval of all data from the database. Versions 1.2 and below are affected.
d891d11b3e1bf5820eb5f73a06da57a12a760c688e8c28e1aca1ae8888a888a2
Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_wrapper_open_url() function. PHP versions 5.3 through 5.3.2 are affected.
88778104d5539c71d1331b422cb8c82ae5e1b58fcc633a019260fff969c2644a
Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_parse_url() function. PHP versions 5.3 through 5.3.2 are affected.
9e0eb74b07d6b55063f896a9f5ca562cc45dd241ff70b6b37c470608c91cdd9e
Whitepaper called SQL Injection Filtering. Written in Persian.
471f2f35cac4b774613c5c87f33f9439226204686687b4aa52a6690d0be6aa40
BigAce versions 2.7.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
e1ed4583798dfdd2f64c7245007020d142877493b13f66362674c6b54442493d