Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99faAzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.
fca95caa0dc8e622b5578c80db1cc25787bae0c338499f4de51aa6149b181c7biOS versions 5.1.1 and below Safari Browser JS match(), search() crash proof of concept exploit.
88bf13ee6936fd4a41664c0ccb5fe91fdf90eb621dae78246483afea0a274ca3Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".
c66e6ff1b37e64fba12f60f561cdd9e8055b39f03c9995e6b21f14088f779c52PHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.
c0cd3d38f573e33e53f01d69feeb8194bc1884cbe78a7bafd51ad3ccfed51be8Small CMS suffers from a remote PHP code injection vulnerability.
0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66Secunia Security Advisory - Multiple vulnerabilities have been reported in EMC AutoStart, which can be exploited by malicious people to compromise a vulnerable system.
a6e381260040ed30c8fe34feebca489b5d64771aefe757a03e8daf27724f1500Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.
239897c56ebc22b5d44a1b1e9fb213c1589f2c4216471e4f440ee9ec7dc0d4a6Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) of the application using the library.
3df54d4ab9c228f2348a011b682aa98a3ebef7a3a1a8d4c5a6abf6b27f0cca98Secunia Security Advisory - A vulnerability has been reported in RSSOwl, which can be exploited by malicious people to conduct script insertion attacks.
992e85a248c2293e75f89318e50500beed8e0b9fcb1b6abd091e2467009369ebSecunia Security Advisory - Walied Assar has discovered two vulnerabilities in ResEdit, which can be exploited by malicious people to potentially compromise a user's system.
3b3949a10be20b754836c1b9797ee5defc961186fbea1ba0e79660f407dcf5c7Secunia Security Advisory - A vulnerability has been reported in Logitec LAN-W300N/R, LAN-W300N/RS, and LAN-W300N/RU2, which can be exploited by malicious people to bypass certain security restrictions.
f9d56eee8b724d15b8c7efac14f151b0179305f5089c72f08e59bb9a31cc91f5Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.
f28320f5538e98298ed28cf4be19ea1c9e1808d3f2e263ff05dd1b27f77c788dThis Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.
80a84c00e66900b12e9cef081970706d89671fdd6de08048a29a545f296cfe05This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.
9bd2fe133907afe8dae3b0872be07135e15c6152fbb081eaf7b8fefe328ad0a3The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012.
6e421da4cd6b7010e65487f7a52f69e401e8bb337e0877e8a18abd3df844ccffResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.
b262a9976e97dcbc6e64df36a7f4ee9302668979e3d09d6cc91825b139dcfedeKolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker.
51799f93b27c4bf9963d9bb0be06a9c97f9292d2a95f88350b3c19c6dc197876This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.
d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary.
a163595c09a95340653cd554ab451e60125bc5eac1cd39d4800f8efeb1c8b86fLogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.
20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.
cff5f8ae37aa417115fc3dcd726341dfa6ed0e74700583b162c5da31739d0fdbUbuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
0ce91b7b629cfee8a757c0aaf95f5ab728dc7c0c8392a5ba774db361dc1f15e3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed