WebVulScan is a web application vulnerability scanner. It is itself a web application, written in PHP, and can be used to test remote or local web applications for security vulnerabilities. While a scan is running, its details are dynamically updated for the user: the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of those vulnerabilities. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.
7db76126f4d9d48f9ae2665799f23ecf665fdbd9bee7fda978423604c2ca79a2
Division 6 IT suffers from cross site scripting and remote SQL injection vulnerabilities.
beb72df7b1666169389e4e6e3035fd20971cddf0a679f8f6d5b10c1ecb0e553c
HP Security Bulletin HPSBUX02777 SSRT100854 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote Denial of Service (DoS), unauthorized modification and disclosure of information. Revision 1 of this advisory.
2cc74a2a5e99e58215f13d95e8b49783618308eb6d3e4abfe71dd4568d72d61e
Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
d7de3f7e0b80f09045f1b2c5f542725b115d3f5c08f7a893d8351dc7200e188a
Ubuntu Security Notice 1443-1 - It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain system state archive files to Launchpad when reporting bugs. This could possibly result in repository credentials being included in public bug reports. Various other issues were also addressed.
6404506a03e0bd2370106f34332c5a744490330dc284ffba95740f7fd563f31a
Debian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
a77c6364ff42f6e4ec36b1b89e3dd029f590700100d32902704980fbb69b522d
Secunia Security Advisory - A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious people to cause a DoS (Denial of Service) or disclose potentially sensitive information.
619745a18a194e45b5d52924cd8ead4e3d4cde8a5344ea51c2e7049f5b2fb267
Secunia Security Advisory - A vulnerability has been reported in JIRA, which can be exploited by malicious users to cause a DoS (Denial of Service).
2ace201a611dcbe655f664cdd109e85a95b75fd92a4b3274e8050be29b751241
Secunia Security Advisory - A vulnerability has been discovered in the Track That Stat plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
6f97dfc1a2e7b50bcd23e7011c593eff7cc502dfb93c7aae9eda6c30c66b02cc
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, and compromise a user's system.
4eeb301ede4d743d252dac48528e92f9cbc3ae1330bb34096f9f73e0b863611a
Secunia Security Advisory - A vulnerability has been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to disclose potentially sensitive information.
e45add35072bcdc3ef566dbf7d8d09806ebc1397cbf59712514aac863b8976d8
Secunia Security Advisory - Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
950e052bbf14e52a5c10eae6bea9b9ddb60760783dd7b8bf84828da8133da1ce
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).
d271034ef93519bc8f78b1a6ce1ad362874b784cd0e6d5888c4a0285908ebe63
Secunia Security Advisory - Gentoo has issued an update for connman. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
6fe45118d7ab4c8ac47fdaf4ba8734b72140b52d01b5f6339b4bb9610f48d1b6
Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.
a1d30186496845399b0ac3d413e64ee8f1ddfdb9edb58adaddaeb4b9fb3c4891
Secunia Security Advisory - A vulnerability has been reported in IBM Cognos Express, which can be exploited by malicious people to potentially compromise a vulnerable system.
2252fd4b89af6fad4a83e793ac762a6fd2198fbe7e16bfcb47e09f709eeb87ae
Secunia Security Advisory - Chokri B.A. has reported a vulnerability in GENU, which can be exploited by malicious people to conduct cross-site request forgery attacks.
67226885bda9213fdf0e33dbe8a7e1049b1acd9d587ccd2e6031ecdeab50fb6e
Secunia Security Advisory - Ubuntu has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
dd515f664bac6f66a462b3eb358d675506077b90c5fc1a608b4f214741b2e062
Secunia Security Advisory - Debian has issued an update for gridengine. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
158a0133a0d96405f70dd8b8ca43a4ab095c35ba1ea264eb57859f9f6a5b3d20
Secunia Security Advisory - Walied Assar has discovered a vulnerability in Resource Tuner, which can be exploited by malicious people to compromise a user's system.
2bf64ecbacb36788a5260654d9ea6801360c02e02c1ae20db3b183dc5d99aa3c
Artiphp CMS version 5.5.0 suffers from a database backup disclosure vulnerability.
2d47b6d911592d5ad10e5f9ed6aee5747555241f52f6549700cf57ce4a15e301
Artiphp CMS version 5.5.0 suffers from multiple POST cross site scripting vulnerabilities.
7a4376013ae27e84c455c4635174e7c9d3e1f35f0efd073c63ffb7ec3323f459
A review of the code in filter/source/msfilter msdffimp.cxx in OpenOffice.org versions 3.3 and 3.4 Beta revealed some unchecked memory allocations, which could be exploited via malformed PowerPoint graphics records ("escher") to cause bad_alloc exceptions. This vulnerability makes a denial of service attack possible.
37ba90753876b3352a8f998736c035b6682c16dcc663dc0b8448e6d9efb6e4d3
Drupal Zen third party module version 6.x suffers from a cross site scripting vulnerability.
8b3257fa66f9dcce4b6bc69cf81759ef4837da4cbef5fad1533b7add8f34b154
SiliSoftware backupDB() version 1.2.7a suffers from a cross site scripting vulnerability.
93a38f800fc0a877b5be79911d049e6102a1c97585507571023aa77665e09f5f