PyroCMS version 2.1.1 suffers from CRLF injection and stored cross site scripting vulnerabilities.
5053cd5681c7e2370439dde2d747575873c3c5195878aafc31db53687d0ef75emod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.
8ff3de9c5acc026c6fd74fd8e599c0c2659cd29c51693dbf67a8bf8c609be94eISC Security Advisory - The handling of zero length rdata can cause named to terminate unexpectedly.
fc123558f95ccb6b2d994cac429265085c0cb3db3caf42feccbfa83715e336c5The seventh annual EUSecWest applied technical security conference - where the eminent figures in the international security industry get together share best practices and technology - will be held in downtown Amsterdam near Leidseplein Square on September 19/20, 2012. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. This is the Call For Papers.
73ac8a41554f9ccb3147b8d66807d54eb71c1fb95d025fa3bfdc12562e584f7bZoph version 0.9pre2 suffers from cross site request forgery, remote file disclosure, and remote blind SQL injection vulnerabilities.
865a2df0f072694ea17b80a8230b7ca7e96ee5bb8f33c6a27d742f75a8af1e29Mnews versions 1.1 and below suffer from a remote SQL injection vulnerability in view.php.
f37e996cf5f9e2018f48d8178c7806bc499bea1a350d778f745b349dbd6e126eDella CMS suffers from a remote SQL injection vulnerability.
c37c58d1b6ea4049a82103f8f17cbb15a2b8207cd0af6227c25d7be8e567e625Sysax versions 5.60 and below suffer from a buffer overflow vulnerability when creating an SSL certificate.
25b09a6e92ff4d9c00a80eaae87713ec5fe32db0a7d9c1c488dd9ed1a7a31810Xtemplate suffers from a shell upload vulnerability.
3fb8a8f1839994c0a90059508ac4a5a8651537183bcc1591a30a6b85dbe58f98Hexamail Server versions 4.4.5 and below suffer from a persistent cross site scripting vulnerability.
160e361b2554abab89535e34bcabe535be38225dbc0d072c307a624af2a5e429Dblog version 1.4.1 suffers from an access bypass vulnerability.
b385b6d7bfd3e487033ccfb40153e6b9b3e9d4761dab6f1dcb1a584ab7a75cd9Msi.com suffers from a cross site scripting vulnerability. The site has not responded to the author's reports regarding the vulnerability.
c9d97b74fc7322f89c01f534cb33e2c2db7bb0dece41a50b13206dcb3db28bb4Webex Eshop Builder suffers from a remote SQL injection vulnerability.
53807b7190bca361ba569db5d63095ff3c4050f49921ae4d601370de5b411cd3IM Storm suffers from a remote SQL injection vulnerability.
23ae844bc361dab22b50b11509895854cf69f2c1305e87c923363e640adb863dIndexu 7 suffers from a remote PHP code injection vulnerability.
816257c2816d75a46511ee3959c91e8516dcbe49e98c8a1eb5afca48485cdc5eCMS Faethon version 1.3.4 suffers from a remote SQL injection vulnerability. This is against a very old version of this software.
459859a75f9b4c84edc8f4f38a5293b2f0696b2ca5646089b7ca33c4948f94d7Secunia Security Advisory - Henry Hoggard has discovered two vulnerabilities in the Poll plugin for Vanilla Forums, which can be exploited by malicious users to conduct script insertion attacks.
955f4a598b0dbb324741b15774fab7683a28ab752b4a66bd131f2dd0c90346afSecunia Security Advisory - Gentoo has issued an update for qt-gui. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
76648c6a7cbc4c092edb6928fbf1ff8e6989e39ed29c170b00b6004a32df4e7eSecunia Security Advisory - Multiple vulnerabilities have been reported in Bloxx Web Filtering, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions and conduct cross-site scripting, cross-site request forgery, and script insertion attacks.
71f3c4b73a247ce9f9147f0dfcb375b83ce587373e1c731d0aef058092c3886dSecunia Security Advisory - Debian has issued an update for nut. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
f9e1c8e982c1bd494df2101c01f85f0ec1df2615ed9aba2c067e2a211359d1efSecunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
fd0981b313ebf39d1d6dabbd2b5b927d698fed95ff2cf89e78890b935e02fa32Secunia Security Advisory - A vulnerability has been reported in Symfony, which can be exploited by malicious people to conduct session fixation attacks.
f81aed8917c112893b0fc804be9d7681a501ba4ec0beba822713cc07a914eeb0Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
1a6a31dd8a71880ccec32738a88421ec9bb125591a8c40528def7a277e83e3b1Secunia Security Advisory - Henry Hoggard has discovered a vulnerability in Vanilla Forums, which can be exploited by malicious users to conduct script insertion attacks.
eba0ee21289bcc19a09c7135ca23bbe3ea711278f97cd281d04191752d0bd9dfSecunia Security Advisory - Multiple vulnerabilities have been reported in Piwik, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks, disclose potentially sensitive information, and cause a DoS (Denial of Service).
d72bb78b0941fdab165353f10c776f31e743b2212bd6ada1eca2cc6eb218ccb4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed