phpMyChat Plus version 1.94 RC1 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.
d9626844cb02819f221ed1ea5a274e573e77484d4acae3b0ffe3b8d801141449Secunia Security Advisory - loneferret has discovered a vulnerability in ManageEngine Service Desk Plus, which can be exploited by malicious people to conduct script insertion attacks.
4b576f909e08c470239259f64d977553f3e5fa4e4a72ed165b1d7a788f36a797Ubuntu Security Notice 1493-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.
77525d18fe3903454b40d845ae40d20592c749585227b9b425eaaa4ee7df89b9Ubuntu Security Notice 1492-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.
5c008bad4bf5b5e6f2d1edfe0b628bc54eaa408b4b6b43672c68f300dcd7c96cUbuntu Security Notice 1491-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges.
da9199238227f76fc593b9934eb5128793f02fc7a4f1b881de72ef364cf8b2fcUbuntu Security Notice 1490-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges. A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). Various other issues were also addressed.
8f1a22f35dec0021c950b54a8ef4715f583605a9e928beaab4afd45ba2ffe802Ubuntu Security Notice 1488-1 - Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system privileges. A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). Various other issues were also addressed.
9ff2c344a22dd177a74b4584652f72e70cc7becfc17793c4eb7ac7dc1549d124PC Tools Firewall Plus version 7.0.0.123 suffers from a denial of service vulnerability.
4447ecdb0363561495e738164aa0f707a038ec3388d0a37f183ac75f3c8b355dEdimestre Plus version 2.0 suffers from a remote SQL injection vulnerability.
afd9f46314a3e4b22be45a44bcd35ed48502149cf2ccef3133884a2bcdb6d419InterPont Plus Kft suffers from a remote SQL injection vulnerability.
27c13f4077899c478bef4b0d8799a813ec3a9105d8dcf98789e9bb3d432bf43dMandriva Linux Security Advisory 2012-094 - This is a bugfix release that upgrades clamav to the latest version The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.
9d3c70ef74c52e6171f0b59d36ffcd805402309bc35d4dd9220758ef6d22659bThis Metasploit module exploits a memory corruption flaw in Internet Explorer 8 when handling objects with the same ID property. At the moment this module targets IE8 over Windows XP SP3 through the heap massaging plus heap spray as exploited in the wild.
20f72fec96a5590b5bee38dc7ead6c6f34987bffcedca8f42c8054df4bedc309seoPLUSteam suffers from a remote SQL injection vulnerability.
7adc92ada21b2d5c1d43bcdc906519cabeed22d0562232b3ab0e223444b4ba84Secunia Security Advisory - A weakness and a vulnerability have been discovered in the Google Maps Via Store Locator Plus plugin for WordPress, which can be exploited by malicious people to disclose system information and conduct SQL injection attacks.
8c68474892194fb7925c80512cabd2ea19841d51613387806f1621a6a4b191d8It is an important and little-known property of web browsers that one document can always navigate other, non-same-origin windows to arbitrary URLs. Perhaps more interestingly, you can also navigate third-party documents to resources served with Content-Disposition: attachment, in which case, you get the original contents of the address bar, plus a rogue download prompt attached to an unsuspecting page that never wanted you to download that file. Proof of concept code included.
c8e117983282dd44d231f39a10dc8b0b2bf8c46c42490f1cf78aeb4b75db6be8PRE-CERT Security Advisory - The Linux kernel contains a vulnerability in the driver for HFS plus file systems that may be exploited for code execution or privilege escalation. A specially-crafted HFS plus filesystem can cause a buffer overflow via the memcpy() call of hfs_bnode_read() (in fs/hfsplus/bnode.c).
8a1ff866f8c109707f489791566f77bc54087a39904a2e9018d41836f35c9f85Secunia Security Advisory - Multiple vulnerabilities have been reported in ManageEngine SupportCenter Plus, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, and conduct script insertion and SQL injection attacks and by malicious people to conduct script insertion attacks.
6a21b392667e0de36f47bb1aa876311da90ad44e9ca585b88f0ded6bc3e2c351ManageEngine Support Center Plus versions 7903 and below suffer from backup related, unauthorized access, cross site scripting, and remote SQL injection vulnerabilities.
00f2539984dab23c36d58c4e258af76a9f0554b23a8e7f3047e20d3d1a2fd7a1Register Plus Redux version 3.7.2 for WordPress appears to suffer from additional cross site scripting vulnerabilities.
db3fb962011dd8d10dc7bbbb09fa3e33e1b8850fab7bbad4805726fff8226418Plus.scriptrr.com suffers from a cross site scripting vulnerability.
7a5b5431e1618490d37bbb642b278081e30218db9bea79347697c53a930fae59Whitepaper called Wi-Fi Security with Wi-Fi Protection Plus. Wi-Fi P+ is a new security architecture proposed by the authors.
a1796ef5991f37e305255cca3db5c7cb382fdf8cc9c174e0f73caebf4c6d9270Secunia Security Advisory - Gjoko Krstic has discovered two vulnerabilities in ManageEngine ADManager Plus, which can be exploited by malicious people to conduct cross-site scripting attacks.
5b093d431574ee301d9ca93ea8012a41453502077bde39e24da1c0e790a9bbbdManageEngine ADManager Plus version 5.2 suffers from multiple cross site scripting vulnerabilities.
b0a7776712965ad82934634aa82214e128b7fb5bd571425c4a5e24d1a8a04ad8Register Plus versions 3.5.1 and below for WordPress suffer from code execution, cross site scripting and path disclosure vulnerabilities.
8af0748bb44a2d219bb2dab50499ab80ee471af807d2e71af2be053afca0860dRegister Plus Redux versions 3.7.3.1 and below suffer from cross site scripting, remote SQL injection and code execution vulnerabilities.
17b9d0bec625320c3f3fe806c42459e82b0311c9162527242328071b9eb678d9Secunia Security Advisory - A vulnerability has been reported in PukiWiki Plus!, which can be exploited by malicious people to conduct cross-site scripting attacks.
d3251d2dd93f7148e18669fa0f35664c23a19f47f3f77f5da4bda745d0c660c5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed