PhpBridges Blog System suffers from a remote SQL injection vulnerability.
6362e761a3586ec32fcd239bedab9ed73acf99f59a8a9d5079bea3ffc10b29a5Proof Cast Design suffers from a remote SQL injection vulnerability.
c7160db5a99b1b8e10a47a35d9382ea3a0b50351d712bdc34ac8a8ff1520e97aStudio Manolibera - Milano suffers from a remote SQL injection vulnerability.
7259516f8bb4ecfe43682a310a6341d813dedbb6ad827a0e60f4a937b57f03c0OpenSSL Security Advisory 20120118 - A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected.
e55f12039df4b1b5e3090b2ac7d30399d54dbd028fdcbc8d757749f399095b1dSecunia Security Advisory - A vulnerability has been reported in Jenkins, which can be exploited by malicious people to cause a DoS (Denial of Service).
c5fdc2c62c9e031ab454c0a9cd113983ea93ad449ed880dd8104c79bd9aad431Secunia Security Advisory - A vulnerability has been reported in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to compromise a user's system.
33f5a27ba8dbd29615d82eab8eb6300acff39e27f0a95ed4397432f577cfae51Secunia Security Advisory - IBM has acknowledged two weaknesses and two vulnerabilities in IBM HTTP Server, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
2f642bb39ebeaf489a9e22d9b02cc0c34484d225ef269fb3b1703c2fb0a8b488Secunia Security Advisory - Some vulnerabilities have been reported in spamdyke, which potentially can be exploited by malicious people to compromise a vulnerable system.
efac53de21f852fdea9c94cd26dd2803f5ac4490230025b58458b3d634d9b531Secunia Security Advisory - SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).
adfde16518df240db88e2d47cbad314bbea2ff4fdc8f934f199bbf74db4e381fSecunia Security Advisory - A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
bc89a8809225bdece16bf8572ae0f9316cfe4931bbc4c668f6103c986fa02f2bSecunia Security Advisory - SUSE has issued an update for OpenSSL. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.
ef645393fac490d603dae54567e2a0cfd6d8ac20860f10b2af276d183694d154Secunia Security Advisory - Stefan Schurtz has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks.
2fd5b2d3baff5e98cd1607e4996f3e5326c9101aee3a0a2a5a5d007f5ed4d990Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Beehive Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
990f3d14a201be92b14663857490dde7ad569ab44a4aacfba377bd38b2647160Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Rockwell Automation products, which can be exploited by malicious people to cause a DoS (Denial of Service).
4ef215ff363ed34f797770def2d9abb67d7a3458ed8f76add09d003c49a300caSecunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS Data Collection, which can be exploited by malicious people to compromise a user's system.
2caaaffe9b1a3f1bd4c4d227dbca52e5912ab8b76997fb6160398679886fd6b3Secunia Security Advisory - A vulnerability has been reported in the Gamebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks.
95afebcc57615fdd4c484442dbdaee3b1c683ac015091545b78fff917e7b375dSecunia Security Advisory - A vulnerability has been discovered in pGB, which can be exploited by malicious people to conduct SQL injection attacks.
cd2ed817d066d3759e378bbd873b0f6625affae1613c41563e5074fc31c916ffSecunia Security Advisory - A vulnerability has been reported in AccessData Forensic Toolkit, which can be exploited by malicious people to compromise a user's system.
b2d034d96d2ec4be550f57d8bdbea049f609e4a3a06aac5c40df361f0cfe3030This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "CacheDocumentXMLWithId" method from the "XMLCacheMgr" class in the HP Easy Printer HPTicketMgr.dll ActiveX Control (HPTicketMgr.dll 2.7.2.0). Code execution can be achieved by first uploading the payload to the remote machine embedding a vbs file, and then upload another mof file, which enables Windows Management Instrumentation service to execute the vbs. Please note that this module currently only works for Windows before Vista.
c66cbdd79894baf457dc97ef60cf3e98f8679bc1cdd968b80f389d4705ee544fThis Metasploit module exploits a buffer overflow in BS.Player 2.57. When the playlist import is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
68ebe76c4a4336498d6613a83e8970ae062cd723584b5b6e76c16784d938d326This Metasploit module exploits a vulnerability found in McAfee Security-as-a-Service. The ShowReport() function (located in the myCIOScn.dll ActiveX component) fails to check the FileName argument, and passes it on to a ShellExecuteW() function, therefore allows any malicious attacker to execute any process that's on the local system. However, if the victim machine is connected to a remote share (or something similar), then it's also possible to execute arbitrary code. Please note that a custom template is required for the payload, because the default Metasploit template is detectable by McAfee -- any Windows binary, such as calc.exe or notepad.exe, should bypass McAfee fine.
debeb437470fa8e3b3a3c92cf587bcdbed8db74bfac9bf2f8a818ac7dc6ffb9dThis shellcode writes down your code in the end of found files. Your code will be added only .html and .php files. Search for files is carried out recursively.
8c618ade2e8e0d28c057139097aaa69a682f6fa5ffedd4dac01f8f3adfba7245Remote Linux IGMP denial of service exploit for a vulnerability introduced in kernel 2.6.36.
3f774420cceb820eadca2d64adb8e8aef38d2ecaaf08171ea9586e48b2e73616EMC SourceOne Web Search contains a vulnerability that may, under certain circumstances, log sensitive user credential information in plain text to the OS log of the web server. This can potentially be exploited by an unprivileged user with access to log information to gain access to the protected SourceOne components.
a20358ddd82913b5ef03b2c91d8ddbc986fe4b397263b780c91a7e8644021396Ubuntu Security Notice 1333-1 - Steve Manzuik discovered that Libav incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04. Phillip Langlois discovered that Libav incorrectly handled certain malformed QDM2 streams. If a user were tricked into opening a crafted QDM2 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
d72c0cb6ecb9c5d8aee62bb0bd3a0486372898d42b6c4fd7b02edaeee790870f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed