Showing 26 - 50 of 53

Files Date: 2012-02-17 to 2012-02-18

Facebook NYClubs Cross Site Scripting / SQL Injection
Posted Feb 17, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Facebook NYClubs suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 020019b0185358c6ce547bb56328b622a933a70c7d9b015184e303bf8a78c074
Pandora FMS 4.0.1 Local File Inclusion
Posted Feb 17, 2012
Authored by longrifle0x, Vulnerability Laboratory | Site vulnerability-lab.com

Pandora FMS version 4.0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f622fa22608fe616e3b76956f2b63083b69ff106dfb8c0ed0c9ab4062916e540
TSS Scripts SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

TSS Scripts suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f041bb176bfacdc4e197f9affdfdf5152134f9ef5f34c1057be3d6e106c8e66a
Upnorthwebs / Lightbox SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

Upnorthwebs and Lightbox suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | daa626d1bff561da13077e8f44f4acd60efb58200e9fb2f9b5c2962175752032
Urban Genesis SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

Urban Genesis suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3f253791a76cd18d2b0708de683b953ae4f4ba20441ecdc13c9d0600cd435d96
Taylored Ideas SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

Taylored Ideas suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5eb0af85917d396be354194d474b300d6b1760559b240d228d8421c9a85c216a
San Software CMS SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

San Software CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9c3ee7fef32482406b756c7ebec800a8270e6f8a2765a1aed1ef817ffa54ca44
Magezi Solutions SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

Magezi Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | da6578a88b8d69fc5b481f23cf982066ba63f7c508316066d9e21d792fabcbd1
Lava CMS SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

Lava CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 674d4afdd88f36a1d4b16eb13634bcb5623077b9be5c6f58b83c97dc4788bbc3
kryCMS 3.0 SQL Injection
Posted Feb 17, 2012
Authored by tempe_mendoan

kryCMS version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b818b9d460bc9f06f3153a7b1e8f8a672500cce10141462f677aa807a2e68a2b
AtWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

AtWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6dbf7267b0c15f6b6589d7aa897b6c7090c0153ec2b7fb5c2d39479c077bb467
RadhikaGB Local File Inclusion
Posted Feb 17, 2012
Authored by T0xic

RadhikaGB suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 80b2b0881578c9dfb0e164730dbe6b67bca57a158d1a78dafc26d1482cf7bb71
WampServer 2.2c Cross Site Scripting
Posted Feb 17, 2012
Authored by LiquidWorm | Site zeroscience.mk

WampServer is vulnerable to cross site scripting. This issue is due to the application's failure to properly sanitize user-supplied input through the 'lang' parameter (GET) in the index.php script. An attacker may leverage any of the cross site scripting issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials, phishing, as well as other attacks.

tags | exploit, arbitrary, php, xss
advisories | CVE-2010-0700
SHA-256 | 82ba8e83ba12b2d04f1f098dc012b6530cdeb97fe3b3c62e90029c820877884c
Telerom CMS SQL Injection
Posted Feb 17, 2012
Authored by ITTIHACK

Telerom CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b15045be71336bb88fb5d1cf9c7ddbc694c9d76a9edd2108594ce8f8d6e701cf
Adbay SQL Injection
Posted Feb 17, 2012
Authored by Th4 MasK

Adbay suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ffbba80a9691d80d765f37216fed24c73502b428cb5ecb760ca0fada9ab7e64f
SibexSystems SQL Injection
Posted Feb 17, 2012
Authored by Th4 MasK

SibexSystems suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f3fad337d0e389ff2defd6c817db20a39a8e2bdd6c621f065681b80d54ce41fc
Jenkins Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

Jenkins suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 10b89dba54d906764040bf448f75e6f2072ff616cd632032d43b279f6bb7439a
ButorWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

ButorWiki version 3.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bda14c1fa1703b593fc2b9c3aafb3b0d9488efc4242e2f03752e57b754c128f7
JaWiki Cross Site Scripting
Posted Feb 17, 2012
Authored by Sony

JaWiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7467a36a300624866ddd5674bfc5015c3582e4a62c16ba5506e7a9e544a0ca6d
java.util.zip Denial Of Service
Posted Feb 17, 2012
Authored by Timo Warns | Site pre-cert.de

PRE-CERT Security Advisory - The function countCENHeaders() in zip_util.c of the java.util.zip implementation contains an off-by-one bug. The bug can be exploited via corrupted ZIP files to cause an endless recursion. The endless recursion results in a segmentation fault of the JVM. Oracle Java SE and IcedTea6 have multiple affected versions.

tags | advisory, java
advisories | CVE-2012-0501
SHA-256 | b5f37a7f307a6f81bd2dc8df66689823d138dc57ed9df9c9fb504453144b4fc0
Ubuntu Security Notice USN-1367-1
Posted Feb 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1367-1 - It was discovered that libpng did not properly verify the embedded profile length of iCCP chunks. An attacker could exploit this to cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS. Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2009-5063, CVE-2011-3026
SHA-256 | 5e6e1c7a32e2b8add05d91924c69b9e74d43dbd36b0283706d28bae212b7b2a9
Red Hat Security Advisory 2012-0143-01
Posted Feb 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0143-01 - XULRunner provides the XUL Runtime environment for applications using the Gecko layout engine. A heap-based buffer overflow flaw was found in the way XULRunner handled PNG images. A web page containing a malicious PNG image could cause an application linked against XULRunner to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All XULRunner users should upgrade to these updated packages, which correct this issue. After installing the update, applications using XULRunner must be restarted for the changes to take effect.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3026
SHA-256 | 6a4b096326db08d8c2fcd440cbca979c1098ca6e720bb0bcd536477dcceab229
Ubuntu Security Notice USN-1368-1
Posted Feb 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1368-1 - It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | fa8c135df3525e7c504b7b8471eb4ffb02bbcb4cef2d2668c2621785aaf45c6c
Red Hat Security Advisory 2012-0142-01
Posted Feb 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0142-01 - Mozilla Firefox is an open source web browser. A heap-based buffer overflow flaw was found in the way Firefox handled PNG images. A web page containing a malicious PNG image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. All Firefox users should upgrade to this updated package, which corrects this issue. After installing the update, Firefox must be restarted for the changes to take effect.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3026
SHA-256 | 9c3deacaccde4447524481ab21a6544b41c79753142e01143770d1d3b23bf6bc
Red Hat Security Advisory 2012-0141-01
Posted Feb 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0141-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A heap-based buffer overflow flaw was found in the way SeaMonkey handled PNG images. A web page containing a malicious PNG image could cause SeaMonkey to crash or, possibly, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3026
SHA-256 | f1267c41db6a862799ec7a24f82bdf3f9e615c43178f198aa66dbb317e17b034
Page 2 of 3