Joomla Easy Flash Uploader component version 2.0 suffers from a remote shell upload vulnerability.
3cd37f8b8f1e6a5ed15a3399fafd3d04d6fea0cb869d2c9b9dc452bef9cde268WordPress VideoWhisper Video Conference plugin version 4.51 suffers from a remote shell upload vulnerability.
e5f9a1ad6acf756adea2060e21fd61f9a83c06d977aa326984636e5bfaedfcfdSecunia Security Advisory - Two vulnerabilities have been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges.
de1462ae737501d2aa745b34c07ca5e0093600e5bf3ed4f7b0484eb450f61b30Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and compromise a user's system.
88dffe2d8b0c345ca1976d0ac3df021926a27395c6886d334d5adbd44fa21c15Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Lync and Office Communicator, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
7812bf9ceb2f73b33778cf64d0ab73cef2ce3da0dabfbbe325ea4456154599dbSecunia Security Advisory - A vulnerability has been reported in Microsoft Dynamics AX, which can be exploited by malicious people to conduct cross-site scripting attacks.
a3da5313baad46ffce439e9d27fee7dfda837c3356cb6eaa8bb7f91dc072b937DeXSS provides a SAX2 Parser to help protect against cross site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.
6b2ac847ccc68a5a4b369c54df3b011afeef4702562ef4d6304a3355e16ed115Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
91fa98852cc51306077c49e5198bcaa8bc6229c3e02ab6e3a0db9b9a3a273542F5 BIG-IP suffers from a remote root authentication bypass vulnerability. Version 11.1.0 build 1943.0 is affected.
c47245f9200c1bf4bbb5365534f451ad55a2d52e535a8693e694ffc822fc7c9fClanSuite version 2.9 suffers from a remote shell upload vulnerability.
4cddd6e26800a71ebda87657e74dc50f77b7e8201898a675b391e0b6025449b4WordPress Wp-Gpx-Map plugin version 1.1.21 suffers from a remote shell upload vulnerability.
e459c1448787b96715f987b58625e6e391b9f004a09ba27817f9d4c9c454a269WordPress Top Quark Architecture plugin version 2.10 suffers from a remote shell upload vulnerability.
7704ff1b8ea27774b6a9e5baa5618e930a226c296984990a89e25e8c009d9f3dWordPress Custom Content Type Manager version 0.9.5.13-pl suffers from a remote shell upload vulnerability.
c9c30a46a658c4219ab65c3b457e3ed08a7b4869affd4a5832b2d6870f5ffc77WordPress User Meta plugin version 1.1.1 suffers from a remote shell upload vulnerability.
aa269e99e7a2603046d54826cc650b1073718e8b0d173de394036cff1e2584bcHosting Syste-Mar suffers from a remote SQL injection vulnerability.
8eb774517d548c642fe28ac46e0e405b83712022ed82bfe6cd9ec87d013b708fEspejo Design suffers from a remote SQL injection vulnerability.
13c3caed35d158738601e4da8538f1b0f8f156d6c212714d1e8c1cc627c634f2Wisimple suffers from a remote SQL injection vulnerability.
8232fd0fd5264b0082caedefa68913f85cd0efd1eefd8895458bd162bdc61e25XCreativa suffers from a remote SQL injection vulnerability.
fc937f0ea0bfefdb9dffe345bbe5949806ec91cc4c8e0b6286c03e51a7977eebChangomedia suffers from a remote SQL injection vulnerability.
65940475ac8497b49b6a6c121567680790c492f0d41218ac958a514b703b56d6Et-Chat suffers from a remote shell upload vulnerability.
100b8db07a84fe489748fff77bde93e3612fda58e037f468f994d4f3d635662aMandriva Linux Security Advisory 2012-089 - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1 which is not vulnerable to this issue.
a8217cffac821010635bfa2ad29fda43e42e61d06ec1bb8c1c4909f802aa412cUbuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.
52928dd0c621971574807252ccbdfb1af768836701965a6ed9bfbf0a6c13a411WordPress Pica Photo Gallery module version 1.0 suffers from a remote shell upload vulnerability.
57b051d2f050635c6d17783725fc883d523c8fc31b23d2857f8037b0ab27ce9cWordPress Drag and Drop File Upload module version 0.1 suffers from a remote shell upload vulnerability.
7f9c980cb49bcbd92488d1580411b61100aee1d28b5cebd20319445db08d7c0dAlphanumeric shellcode is similar to ascii shellcode in that it is used to bypass character filters and evade intrusion-detection during buffer overflow exploitation. This article documents alphanumeric code on multiple architectures, but primarily the 64 bit x86 architecture. Alphanumeric shellcode requires a basic understanding of bitwise math, assembly and shellcode.
58bd7026c178df13e32741aeefd385da0fd61df0dd758c8fe3d294c3c7f8be08
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed