Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99fa
AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.
fca95caa0dc8e622b5578c80db1cc25787bae0c338499f4de51aa6149b181c7b
iOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.
88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3
Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and is based on the paper "Hyperion: Implementation of a PE-Crypter".
c66e6ff1b37e64fba12f60f561cdd9e8055b39f03c9995e6b21f14088f779c52
PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.
c0cd3d38f573e33e53f01d69feeb8194bc1884cbe78a7bafd51ad3ccfed51be8
Small CMS suffers from a remote PHP code injection vulnerability.
0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427
Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66
Secunia Security Advisory - Multiple vulnerabilities have been reported in EMC AutoStart, which can be exploited by malicious people to compromise a vulnerable system.
a6e381260040ed30c8fe34feebca489b5d64771aefe757a03e8daf27724f1500
Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.
239897c56ebc22b5d44a1b1e9fb213c1589f2c4216471e4f440ee9ec7dc0d4a6
Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) of the application using the library.
3df54d4ab9c228f2348a011b682aa98a3ebef7a3a1a8d4c5a6abf6b27f0cca98
Secunia Security Advisory - A vulnerability has been reported in RSSOwl, which can be exploited by malicious people to conduct script insertion attacks.
992e85a248c2293e75f89318e50500beed8e0b9fcb1b6abd091e2467009369eb
Secunia Security Advisory - Walied Assar has discovered two vulnerabilities in ResEdit, which can be exploited by malicious people to potentially compromise a user's system.
3b3949a10be20b754836c1b9797ee5defc961186fbea1ba0e79660f407dcf5c7
Secunia Security Advisory - A vulnerability has been reported in Logitec LAN-W300N/R, LAN-W300N/RS, and LAN-W300N/RU2, which can be exploited by malicious people to bypass certain security restrictions.
f9d56eee8b724d15b8c7efac14f151b0179305f5089c72f08e59bb9a31cc91f5
Ubuntu Security Notice 1454-1 - A flaw was found in the Linux kernel's ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.
f28320f5538e98298ed28cf4be19ea1c9e1808d3f2e263ff05dd1b27f77c788d
This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.
80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05
This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.
9bd2fe133907afe8dae3b0872be07135e15c6152fbb081eaf7b8fefe328ad0a3
The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012.
6e421da4cd6b7010e65487f7a52f69e401e8bb337e0877e8a18abd3df844ccff
ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.
b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfede
Kolkata is a tool for IDS-evading web application fingerprinting. It is written in Perl and uses LibWhisker.
51799f93b27c4bf9963d9bb0be06a9c97f9292d2a95f88350b3c19c6dc197876
This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.
d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary.
a163595c09a95340653cd554ab451e60125bc5eac1cd39d4800f8efeb1c8b86f
LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.
20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1
Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63
pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.
cff5f8ae37aa417115fc3dcd726341dfa6ed0e74700583b162c5da31739d0fdb
Ubuntu Security Notice 1453-1 - A flaw was found in the Linux kernel's ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual CPU setup. An unprivileged local user could exploit this flaw to crash the system, leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For applications on which fscaps are in use, a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
0ce91b7b629cfee8a757c0aaf95f5ab728dc7c0c8392a5ba774db361dc1f15e3