Proof of concept crash exploit for Safari on iOS that leverage a denial of service vulnerability.
b7aed7d45d2d8c141f4d038fb1e6bb148bd5d8c687b4740e140f2b04997e86d9
Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token. This affects all released versions as of 06/08/2012.
c9c7fa7be43cf530477727dcae683b3b6071776b83dccb3e1ab0dc315ec3a472
Apache CXF does not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken policy assertions on the client side. Apache CXF versions 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.0 are affected.
9192946a363a63b454cdbfe47e3d089546ef6e6058eec8ac012d7080b7e47be8
WordPress Front File Manager plugin version 0.1 suffers from a remote shell upload vulnerability.
25ed8e8b43835ced0555faedf7e4cdf42064f48711671212c46a0e026accc68f
RIPS Scanner version 0.10 suffers from a remote file disclosure vulnerability.
a31a288429214fe9ebd246db2b1d9ce10fb74e38b5f385c987fc71f4da55dded
WordPress WP Easy Gallery plugin version 1.8 suffers from a remote shell upload vulnerability.
8708a0229d8e3a219d0453c71acd6c833c8bd82aad0dd4b8bc7581d531a0648c
ComSndFTP server version 1.3.7 Beta suffers from a format string denial of service vulnerability.
3dd29f6ba19c152cfdc941d25317dd129231fd8200a350bc6ba8338881502fa1
Webspell FIRSTBORN Movie-Addon suffers from a remote blind SQL injection vulnerability.
d9e82b58d312f2415f6308b598bd904aa390f1d6d9e109699cf706f82bcfdb16
vBulletin version 4.1.12 suffers from a MySQL information disclosure vulnerability.
7179a11916ac4740505cb246fc17137a5f1743347b7f111d00161bdb3083a05e
vBulletin version 4.1.12 suffers from a path disclosure vulnerability.
4342f777da9340e5145b9d82eb7888da7bbdec098172cfefa894b1410c414f9c
WordPress wpStoreCart plugin versions 2.5.27 through 2.5.29 suffer from a remote shell upload vulnerability.
2879124f9e34b74a175df0aba3fe9bd4adeece2c2ded06294e0f3929f28853de
WordPress Tinymce Thumbnail Gallery version 1.0.7 suffers from a remote file disclosure vulnerability.
f5e86fd51323af8040fcc35b62397d06624f004674602c26375f6cf0c584342b
WordPress Thinkun Remind plugin version 1.1.3 suffers from a remote file disclosure vulnerability.
dc78d73b9fec5e126b95d77c6366f3aff416631c95901502bc5bcfece07cb249
WordPress Simple Download Button Shortcode plugin version 1.0 suffers from a remote file disclosure vulnerability.
e4ea7bd25d10fdaf89c8e656cdfa5028c177aa91fd04a159e38b67fb23e04e98
WordPress RBX Gallery plugin version 2.1 suffers from a remote shell upload vulnerability.
287b15a719958c8176a8962f821dd7400e22e7113b68033f37ddea0d68915157
WordPress Newsletter plugin version 1.5 suffers from a remote file disclosure vulnerability.
09d7fab221f00944084c7fb1e89aef576fcffdfc40e8d842eea78f20e97f72cd
CMS Wizard suffers from a remote SQL injection vulnerability.
52ed2fed6ce6b85786204c6fe3cef0f6ccfc46db20c8d2c40ab56d6bab8fba04
WordPress Omni Secure Files plugin version 0.1.13 suffers from a remote shell upload vulnerability.
870655a0d4a76934c83f0c91fb1e0aab40e835fa9412dedeee75bc71821431e6
WordPress Front End Upload plugin version 0.5.3 suffers from a remote shell upload vulnerability.
1aff8c8039a09929c3c1d5e827f3e25c269a49a9bb63ea872167497884ad7da3
CiativaWeb suffers from a remote SQL injection vulnerability.
005aadf34edb6627e81b00cdf4a7dda90f10f10ef60a89ec43201b1e1fe83fcf
Secunia Research has discovered two vulnerabilities in Network Instruments Observer, which can be exploited by malicious people to compromise a vulnerable system. A boundary error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing the community string can be exploited to cause a heap-based buffer overflow via a specially crafted SNMP datagram. An error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing an Object Identifier (OID) can be exploited to cause a heap-based buffer overflow via a specially crafted Trap PDU (0xA4) SNMP datagram sent to UDP port 162. Successful exploitation of the vulnerabilities allows execution of arbitrary code, but may require the attacker to enumerate or guess the SNMP port. Observer version 15.1 Build 0007.0000 is affected.
47406405f7fbbaf3904168e2444043931477814738fb138699f2f1cd927dab1d
PHPNet versions 1.8 and below suffer from a remote SQL injection vulnerability in ler.php.
3b8d289681cbe40445b5a1f14631ea0e13b6be7bcf6259ab5074c75b58a6d152
Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.
4b19996f632b90588e6f9fdda2fe95919af4b0bd7fa7dcf8b09165f3ad0b36c0
WordPress Picturesurf Gallery plugin version 1.2 suffers from a remote shell upload vulnerability.
6e05d0d9a6fcd4eacb2522707f216641b70eeae29ca25fed8fe0d6d5f067f839
WordPress PICA Photo Gallery plugin version 1.0 suffers from a remote file disclosure vulnerability.
ca9dd440e85c6f330d7e19bb85155495d7d6cb8e64317a02d87ba7ae8c134190