In certain versions of the DM FileManager WordPress Plugin, the security_file parameter does not correctly check the source of a file before including it, leading to a remote file inclusion vulnerability that can be leveraged to gain remote code execution.
41fbdd0b4c17113fac05e11bebc41175e9551ce9772141ef01a6e7e1db1f5db0
Ubuntu Security Notice 1588-1 - It was discovered that the apt-add-repository tool incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.
d4396190ccfa94588380a58d858289ecb7fc6d60d433cd55f43f525f2db9e5a0
The Open Data Protocol (OData) is an open, web-based RESTful protocol for querying and updating data. This paper discusses OData penetration testing methodology and techniques.
1b62d466847cec22c497a72fa0fe279d3bd1de562ba4265594efc26f9d86694d
The operating system your smartphone is running may be vulnerable to USSD commands that could wipe your entire phone. Tapping on a link to a cleverly coded web page could order your phone to reset itself to factory settings and disintegrate all your private data with it. Any Android phone running Phone.apk version 4.1 or lower is at risk and that's the broader base of them. Install Bitdefender's USSD Wipe Stopper to protect against such attacks. Now, once you tap on an exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.
3cd59866b648b42e35402ab278852e5cc8501faa6680e4deda628dc5b5c0a8fc
Switchvox Asterisk version 5.1.2 suffers from multiple cross-site scripting vulnerabilities.
094fd6c70d9dd0c3b3250dc778e2e27d80b12eba5727fd6a136e84738296f719
Zabbix version 1.6.2 suffers from a code execution vulnerability.
86f3d883d617a5ae5377c71678d17a1db0b1cf46e8c15b15457abc89b6a8e4b7
CPE17 Autorun Killer ASCII buffer overflow exploit that affects version 1.8.6 Build 1590.
45ab5709f7ce5a9b5b68d340ae0ccc07940d06d214a49b66c1a95d74abcfd8e6
GTA UTM Firewall GB version 6.0.3 suffers from cross-site scripting vulnerabilities.
cfa3764e13829a09db71866d8f36db163443a2644ea1d9231b821f9e7b3b542a
OPlayer version 2.0.05 iOS suffers from multiple cross-site scripting vulnerabilities.
a277e8545eb337b39b8f14b4916271e1e964d708e2bc6873d75e37a449552c85
Xoops version 2.3.2 suffers from a remote code execution vulnerability in the mydirname parameter.
ea1f08a5a265d8abd6a9171f572dfdaf10a138346ebc32742bbe81fdb47d184e
This archive contains all of the 256 exploits added to Packet Storm in September, 2012.
bbb478a3c8f1410582de4a2959ee31d844a1ddfb760e1ad038787a83ee454040
Mambo versions 4.6.4 and below suffer from a remote file inclusion vulnerability.
826f24c1c50ffe80d1ad1c76f696a214320c9bb95368d20ea004268b6a69fda4
Digital Whisper Electronic Magazine issue 36. Written in Hebrew.
8f5463baf3e63cf782378d23f806a412db589389884f3bc5194d94598c97830a
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Avaya Communication Server 1000, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service).
df30eca715d98acd5ef5a2fe74d28ebefb1bd68f997901ea1bfa6ce6b08b567f
Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
fcf09a4edf487bb7c427619328825409af270fdb926c26ee24f391f9d170783a
Secunia Security Advisory - Symantec has acknowledged multiple vulnerabilities in Symantec Enterprise Vault, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
c66641f3c7dd9aac9295911b1843c1013e6ac26b548fb76a7e5951bdb433d4ef
Secunia Security Advisory - A vulnerability has been reported in WebSphere Commerce, which can be exploited by malicious people to gain knowledge of sensitive information.
298873eea54230e71ce70c52e9d7be5018500d7cc854f5a85b8697a1de18c502
Secunia Security Advisory - A vulnerability has been reported in DeltaV, which can be exploited by malicious people to cause a DoS (Denial of Service).
5a21c93ce2fa4df9b3735f50c9581d0046281084f98aefdb7b9f8d545084c59c
Secunia Security Advisory - A vulnerability has been reported in cgit, which can be exploited by malicious users to cause a DoS (Denial of Service).
64f32c359e342a788cd5b342a28be3b9209d2d73b530b1aeea11e9840dae0a15
Secunia Security Advisory - A vulnerability has been reported in Tivoli Federated Identity Manager, which can be exploited by malicious people to bypass certain security restrictions.
2b634f34d4f56554bcd80392d56efdd0045c62d4f37af596dd6375274c92ff4a
Secunia Security Advisory - Some vulnerabilities have been reported in Rational Business Developer, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks and gain knowledge of potentially sensitive information.
7a244e17c114598ed2229d1c63730b2310180c001bf494b4f971380a90bf98a6
Secunia Security Advisory - Oracle has acknowledged a security issue in IPMItool included in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6b96aa992d5d0373b7bdad3fad58aadadd27ed17a7b0198d664e201f2bb4e236
Secunia Security Advisory - A vulnerability has been reported in Rational Team Concert, which can be exploited by malicious people to conduct cross-site request forgery attacks.
32f5550725115bf19be803ecc62d3ede2500f6828ea7b24b4fed84ba154603f2
Secunia Security Advisory - SUSE has issued an update for java-1_6_0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
e68b824faaad639997811417fea6ca0a7c93c708a3033004938ad18186f10769