WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.
7db76126f4d9d48f9ae2665799f23ecf665fdbd9bee7fda978423604c2ca79a2Division 6 IT suffers from cross site scripting and remote SQL injection vulnerabilities.
beb72df7b1666169389e4e6e3035fd20971cddf0a679f8f6d5b10c1ecb0e553cHP Security Bulletin HPSBUX02777 SSRT100854 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote Denial of Service (DoS), unauthorized modification and disclosure of information. Revision 1 of this advisory.
2cc74a2a5e99e58215f13d95e8b49783618308eb6d3e4abfe71dd4568d72d61eMandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
d7de3f7e0b80f09045f1b2c5f542725b115d3f5c08f7a893d8351dc7200e188aUbuntu Security Notice 1443-1 - It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain system state archive files to Launchpad when reporting bugs. This could possibly result in repository credentials being included in public bug reports. Various other issues were also addressed.
6404506a03e0bd2370106f34332c5a744490330dc284ffba95740f7fd563f31aDebian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
a77c6364ff42f6e4ec36b1b89e3dd029f590700100d32902704980fbb69b522dSecunia Security Advisory - A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious people to cause a DoS (Denial of Service) or disclose potentially sensitive information.
619745a18a194e45b5d52924cd8ead4e3d4cde8a5344ea51c2e7049f5b2fb267Secunia Security Advisory - A vulnerability has been reported in JIRA, which can be exploited by malicious users to cause a DoS (Denial of Service).
2ace201a611dcbe655f664cdd109e85a95b75fd92a4b3274e8050be29b751241Secunia Security Advisory - A vulnerability has been discovered in the Track That Stat plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
6f97dfc1a2e7b50bcd23e7011c593eff7cc502dfb93c7aae9eda6c30c66b02ccSecunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, and compromise a user's system.
4eeb301ede4d743d252dac48528e92f9cbc3ae1330bb34096f9f73e0b863611aSecunia Security Advisory - A vulnerability has been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to disclose potentially sensitive information.
e45add35072bcdc3ef566dbf7d8d09806ebc1397cbf59712514aac863b8976d8Secunia Security Advisory - Multiple vulnerabilities have been reported in QuickTime, which can be exploited by malicious people to compromise a user's system.
950e052bbf14e52a5c10eae6bea9b9ddb60760783dd7b8bf84828da8133da1ceSecunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).
d271034ef93519bc8f78b1a6ce1ad362874b784cd0e6d5888c4a0285908ebe63Secunia Security Advisory - Gentoo has issued an update for connman. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
6fe45118d7ab4c8ac47fdaf4ba8734b72140b52d01b5f6339b4bb9610f48d1b6Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.
a1d30186496845399b0ac3d413e64ee8f1ddfdb9edb58adaddaeb4b9fb3c4891Secunia Security Advisory - A vulnerability has been reported in IBM Cognos Express, which can be exploited by malicious people to potentially compromise a vulnerable system.
2252fd4b89af6fad4a83e793ac762a6fd2198fbe7e16bfcb47e09f709eeb87aeSecunia Security Advisory - Chokri B.A. has reported a vulnerability in GENU, which can be exploited by malicious people to conduct cross-site request forgery attacks.
67226885bda9213fdf0e33dbe8a7e1049b1acd9d587ccd2e6031ecdeab50fb6eSecunia Security Advisory - Ubuntu has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
dd515f664bac6f66a462b3eb358d675506077b90c5fc1a608b4f214741b2e062Secunia Security Advisory - Debian has issued an update for gridengine. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
158a0133a0d96405f70dd8b8ca43a4ab095c35ba1ea264eb57859f9f6a5b3d20Secunia Security Advisory - Walied Assar has discovered a vulnerability in Resource Tuner, which can be exploited by malicious people to compromise a user's system.
2bf64ecbacb36788a5260654d9ea6801360c02e02c1ae20db3b183dc5d99aa3cArtiphp CMS version 5.5.0 suffers from a database backup disclosure vulnerability.
2d47b6d911592d5ad10e5f9ed6aee5747555241f52f6549700cf57ce4a15e301Artiphp CMS version 5.5.0 suffers from multiple POST cross site scripting vulnerabilities.
7a4376013ae27e84c455c4635174e7c9d3e1f35f0efd073c63ffb7ec3323f459A review of the code in filter/source/msfilter msdffimp.cxx in OpenOffice.org versions 3.3 and 3.4 Beta revealed some unchecked memory allocations, which could be exploited via malformed Powerpoint graphics records ("escher") to cause bad_alloc exceptions. From this vulnerability a denial of service attack is possible.
37ba90753876b3352a8f998736c035b6682c16dcc663dc0b8448e6d9efb6e4d3Drupal Zen third party module version 6.x suffers from a cross site scripting vulnerability.
8b3257fa66f9dcce4b6bc69cf81759ef4837da4cbef5fad1533b7add8f34b154SiliSoftware backupDB() version 1.2.7a suffers from a cross site scripting vulnerability.
93a38f800fc0a877b5be79911d049e6102a1c97585507571023aa77665e09f5f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed