Code Widgets Pop-Over Login Form suffers from a remote SQL injection vulnerability that allows for authentication bypass.
bdbf462c572d42d18b0dbe4c745bb4ef7bf3a9d17183ba7556dd3c0e21d31c13
ECHO Creative Company suffers from a remote SQL injection vulnerability.
d12d5178f1c5b9a32f7a2e80b85bafaafa5af143bccdcffec03c47d53bfabaa0
Asotomotiv suffers from a remote SQL injection vulnerability.
35990f3fecfba45e3c1a57d47a5bdc5b7f525f0554b783a33e33d6501648f584
Red Hat Security Advisory 2011-1163-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for two security issues. These issues only affected users of Red Hat Enterprise Linux 5.6 Extended Update Support, as they have already been addressed for users of Red Hat Enterprise Linux 5 in the 5.7 update, RHSA-2011:1065. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one that caused the virtual machine to exit. An unprivileged guest user could trigger this flaw to crash the host. This only affects systems with both an AMD x86 processor and the AMD Virtualization extensions enabled.
303a3ecb417ff2aea1d5fb21e19aaeb2898de66ab0083338f682f82189a3a67d
Comfortsuite suffers from a remote SQL injection vulnerability.
c730dcc146ed1d629caa2c01e54a623f96cb767bd6a3ad8a533d70a9d67e3f85
Secunia Security Advisory - Red Hat has issued an update for dhcp. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
1b5c1464e4e0c7d6eba971c081e4f9f4d95d184c75f133501077c22155d5f6ef
Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
1102350095e406b75170661cdfded51007712d3a01ff4bb828762fa9f02e749b
Secunia Security Advisory - Ubuntu has issued an update for dhcp3. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
9b91216883d4513d88b450f85117250023f1b12cd8262fbd0d4c94d8c50c51c4
Secunia Security Advisory - A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system.
e43d3528289079947fda94471f06a7e367f77a1447b0842327231ea670638975
Secunia Security Advisory - Ubuntu has issued an update for libxfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
dbbdadd58aaf5425ac9fdba10d62f4a07ced0604e99c479fb4c0e36c778176c0
Secunia Security Advisory - A vulnerability has been reported in Prediction Football, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b21978370a15de88e6747a7eb7bd3a77a92c6a75da9f65b4038e0b2e2bd6c252
Secunia Security Advisory - Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
5e7dba1a5624b297953ba30a367b2fd35f2bff844ec15b920c1d25ee7876bbb9
Secunia Security Advisory - A vulnerability has been discovered in Fofou, which can be exploited by malicious people to conduct script insertion attacks.
fd11ad7d8aaa9bc0dfa62cd5b04ddb6a8ba15f55de945f0824a18a91dc02e315
Secunia Security Advisory - A vulnerability has been reported in Kolay PageRank Sorgulama Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
46f2a1aa54c6cac15fcbc0782637f82892c898beab747e3260a3ea6de734b962
Secunia Security Advisory - A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks.
c501c6764d01ebcb985747c523d7ccb08fac485faff6d9af378a90fd48534a08
Secunia Security Advisory - Red Hat has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
55bafa007a77a66691c38d933db8d977316248403a6c8e97581f2534a5c2c881
Secunia Security Advisory - Two weaknesses have been discovered in NetSaro Enterprise Messenger, which can be exploited by malicious, local users to disclose sensitive information.
0ec510e8c8447bf9d4530afe5205f79b5e2a0d52def23dbe84bacee38176c48b
Whitepaper called Flash Cookies And Privacy II: Now With HTML5 And ETag Respawning. This is a follow-up study that reassesses the flash cookie landscape and examines a new tracking vector, HTML5 local storage, and cache-cookies via ETags.
d034027c4b2e69e75390f976a780e8fc1fab1ac887010dcf7e3bc3bc82d11ac4
A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to obtain access to plaintext usernames and passwords. The stored passwords are used to authenticate users running the NetSaro Enterprise Client connecting to the server. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or gained direct access to the NetSaro.fdb database file found in the "NetSaro Enterprise ServerDb" directory can obtain the user credentials using readily available tools.
5cbcfb103f656ef50499195011ab3f297cb4532d146aa664ccd91c09612fe813
Red Hat Security Advisory 2011-1161-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide both the FreeType 1 and FreeType 2 font engines. A buffer overflow flaw was found in the way the FreeType library handled malformed font files compressed using UNIX compress. If a user loaded a specially-crafted compressed font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
04ed50d2699e967580278e471ecab2dc7b5369ea394c6249975889b8aeb7bf76
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
add28806781ecf08f8b6dd125cf3fe1ef7b0857f91e72062ae1768273680e1fe
Whitepaper called EvilQR – When QR Code Goes Bad. This is a security assessment of mobile QR readers.
7b3b37a824d45432f4d5dca8cf6fa59589898640f214c2a42d3938d5a4f243fd
Surge-FTP version 23b6 suffers from multiple cross-site scripting vulnerabilities.
c4cac949fe0724969f92b678d5000ab08b6fa1d2d6bd11b348a7070098990d47
Elgg version 1.8 beta2 and versions prior to 1.7.11 suffer from a remote SQL injection vulnerability.
c950639fc029e83218a2070a2423cbfcde8e8fa6a471276241db1b8f809a07dc
A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to easily decrypt passwords used to authenticate to the application. The application implements Base64 encoding to obfuscate the values of plaintext passwords used for logging into the server administration console. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or achieved direct access to the configuration.xml file found in the "NetSaro Enterprise Server" directory can obtain the encoded user credentials and decrypt them using readily available Base64 decoding tools.
1e5e9c85c5226e719db82524ba8e52dd4a1526c77d534b61ca30a522f9e623ab