79 bytes small Solaris / x86 remote download file shellcode.
baf9171bb2d5a9bc4583a277d034b41d4e3d7397d5fe235639fb3f2f73f428ddWebsite Design and Hosting By Netricks, Inc suffers from a remote SQL injection vulnerability.
2687aea2d8171fd5e4bdcd12db9019770c8976d0e051d175af9a8044e453258eMicrosoft Internet Explorer 8 suffers from an arbitrary file read vulnerability.
3258b2dc31c08f0742853dcebff0e0444aaf0f72c9ad7968d77d4562e0b95c01Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
ff1c81a7124ac3182baaf60163657e7a541a27e788975c4c697b8f4c4561a02aMonth Of PHP Security - PHP's strpbrk() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
274ba71a6e53ef04fb807692afac1c424fb46450b6fe5462b7db26ec367c4416Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
2114e80fb67165abaa4f330235c37963b5138cfd8dcdb9ba0b476734e41fa993Month Of PHP Security - PHP's str_getcsv() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
6d847b738c636eb4f640142e72e0b46a26a2e4392356290dcf389a42c4b57155Month Of PHP Security - PHP’s htmlentities() and htmlspecialchars() functions can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
6d393c315c5467e139f5d0406c2433248990c6ecc6bf52111a89f5d78d6333f9Real Estate Portal suffers from a shell upload vulnerability.
bc773363b1f3f1f39ab864e23861a3c9c74a5eee069655b206392472ca0f0b33Month Of PHP Security - It was discovered that access control to the [php] bbcode which allows executing PHP code is wrongly implemented in e107. This allows unauthenticated users to execute arbitrary PHP code easily. e107 versions 0.7.20 and below are affected.
9e5e13070e5b1bbb208fabf81b566739464738bffb9c5bb3ff0a0421519c348eThe MKPortal Horoscop module suffers from a cross site scripting vulnerability.
5cd99b2b28c90012d2621fce1bc0d12c673e3eed4cf702644ac3592edd5f809fMonth Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
08ee43cbc95c598ee383529242b6261189ff5b0ff455b68a97bde61b467737a1Software from HostFriendz.com suffers from a remote SQL injection vulnerability.
3b2094ccb61611208696bd23284f3bccbec8f621821c9bb28508a7739e661935Month Of PHP Security - PHP’s iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
645c4430db4a9b9297b0921897e599d7efa4b474715e9e39c3c5c3413aff47a3Lizzard Active Media suffers from multiple remote SQL injection vulnerabilities.
60547b8115aaac6da072ca02e708470c806e2c9c0d8e4e1341e12f2cbc507893Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
d18872107c1dda39b76981664dc3403c8e50ea470b81d3b0498d2a2b02444189Month Of PHP Security - An SQL Injection vulnerability was discovered in the user settings dialog of e107 that allows any user to become an admin easily. Versions 0.7.20 and below are affected.
7764fa816c681b9e1f35443ed5a5834ca32d0cf19952369802e37f00f1158457The Scientific Atlanta DPC2100 Cable Modem suffers from cross site request forgery and insufficient authentication vulnerabilities.
526edd304fca1c5a00df908a6e6c705539bd6f5e7a759e2196082becea2fc227Debian Linux Security Advisory 2052-1 - Shawn Emery discovered that in MIT Kerberos 5 (krb5), a system for authenticating users and services on a network, a null pointer dereference flaw in the Generic Security Service Application Program Interface (GSS-API) library could allow an authenticated remote attacker to crash any server application using the GSS-API authentication mechanism, by sending a specially-crafted GSS-API token with a missing checksum field.
6f3d78e03ea57964721893e934702126fc045a2b77d0bd036864e7d173302c72Month Of PHP Security - A local file inclusion vulnerability was discovered in CMSQlite that might allow remote PHP code execution. Versions 1.2 and below are affected.
c42ae5c025360afcc5198f641ee48d83cab08933bf20481af75643e96227a51dMonth Of PHP Security - An SQL Injection vulnerability was discovered in CMSQlite that allows to retrieve all data from the database. Versions 1.2 and below are affected.
d891d11b3e1bf5820eb5f73a06da57a12a760c688e8c28e1aca1ae8888a888a2Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_wrapper_open_url() function. PHP versions 5.3 through 5.3.2 are affected.
88778104d5539c71d1331b422cb8c82ae5e1b58fcc633a019260fff969c2644aMonth Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_parse_url() function. PHP versions 5.3 through 5.3.2 are affected.
9e0eb74b07d6b55063f896a9f5ca562cc45dd241ff70b6b37c470608c91cdd9eWhitepaper called SQL Injection Filtering. Written in Persian.
471f2f35cac4b774613c5c87f33f9439226204686687b4aa52a6690d0be6aa40BigAce versions 2.7.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
e1ed4583798dfdd2f64c7245007020d142877493b13f66362674c6b54442493d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed