

Echo Security Advisory 2007.71
Posted Mar 14, 2007
Authored by Echo Security, Dedi Dwianto | Site advisories.echo.or.id

Activist Mobilization Platform (AMP) version 3.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | 92afb27e69f76ef319f7e6bc9e05101e

Related Files

Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15437
MD5 | 7a4ff17f412569211f6751de8fc14501
Hardened-PHP Project Security Advisory 2005-12.60
Posted Aug 5, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

UseBB versions 0.5.1 and below suffer from multiple SQL injection and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
MD5 | 87efe74fcdd09005ec610e4a68e249d4
Hardened-PHP Project Security Advisory 2005-11.59
Posted Jul 22, 2005
Authored by Christopher Kunz, Hardened-PHP Project | Site hardened-php.net

Hardened-PHP Project Security Advisory - Cross site scripting, password hash disclosure, SQL injection, and information disclosure vulnerabilities exist in Contrexx versions below 1.0.5.

tags | exploit, php, vulnerability, xss, sql injection, info disclosure
MD5 | 0e4cd2317cab25d9086f32108f57fedd
KDE Security Advisory 2005-07-21.1
Posted Jul 22, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Kopete contains a copy of libgadu that is used if no compatible version is installed in the system. Several input validation errors have been reported in libgadu that can lead to integer overflows and remote DoS or arbitrary code execution. All versions of Kopete as included in KDE 3.3.x up to and including 3.4.1 are affected. KDE 3.2.x and older are not affected.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2005-1852
MD5 | 6501bb5db4bff1d0c1010613d599b16c
KDE Security Advisory 2005-07-18.1
Posted Jul 19, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. Depending on the system security settings, backup files might be readable by other users. All maintained versions of Kate and Kwrite as shipped with KDE 3.2.x up to and including 3.4.0 are affected. KDE 3.1.x and older and KDE 3.4.1 and newer are not affected.

tags | advisory
advisories | CVE-2005-1920
MD5 | f7346e280ce9a768445fd5983b052faf
Posted Jul 12, 2005
Authored by Ilja van Sprundel | Site suresec.org

A race condition vulnerability has been found in the ia32 compatibility execve() system call of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.

tags | advisory, kernel
systems | linux
advisories | CVE-2005-1768
MD5 | d3d8659f1b53b656ded2430e67270208
Echo Security Advisory 2005.13
Posted Jul 8, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

MetaCart e-Shop is susceptible to SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 9591b07503fc02e7a6d7f22e2ce16735
Posted Jul 1, 2005
Authored by Christopher Kunz

Serendipity version 0.8.2 and below suffer from a remote command execution flaw.

tags | advisory, remote
advisories | CVE-2005-1921
MD5 | 57f6aa66cdfb12fcdeca32491121301a
Echo Security Advisory 2005.21
Posted Jun 25, 2005
Authored by Echo Security, the_day | Site theday.echo.or.id

SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.

tags | exploit, vulnerability, xss, sql injection
MD5 | ee5551b4a5153e5d71c800e2d028bb19
Posted Jun 23, 2005
Authored by Wade Alcorn | Site portcullis-security.com

A programming error exists in the function that parses commands in the Asterisk 1.0.7 system. This is used by the manager interface if the user is allowed to submit CLI commands. The coding error can result in the overflow of one of the parameters of the calling function.

tags | advisory, overflow
MD5 | df2b41912f37ecf3899c9cd540b57d35
Echo Security Advisory 2005.19
Posted Jun 23, 2005
Authored by Echo Security, the_day | Site theday.echo.or.id

A huge slew of SQL injection flaws exist in the DUWARE product line, including but not limited to DUportal Pro, DUamazon Pro, and more.

tags | exploit, sql injection
MD5 | c5fe79c7777b3ae8f5b10525761c8ff8
Echo Security Advisory 2005.18
Posted Jun 21, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.

tags | exploit, vulnerability, sql injection
MD5 | 2653ef9ff31d1fb8373b63f08748f37d
Posted Jun 21, 2005
Authored by Stefan Esser | Site hardened-php.net

During an evaluation of Trac, an input validation vulnerability was discovered which can lead to arbitrary uploading and downloading of files with the permission of the web server.

tags | advisory, web, arbitrary
MD5 | 00dba04475bd475b6868aa919975df73
Echo Security Advisory 2005.14
Posted Jun 18, 2005
Authored by Echo Security, Dedi Dwianto | Site theday.echo.or.id

Liberum Help Desk versions greater than 0.97.3 suffer from various cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection
MD5 | b92dee53f638603d3cf3072d7956e72f
KDE Security Advisory 2005-04-21.1
Posted Jun 1, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2005-1046
MD5 | 7bb96ff48b232106a11fc4577e281669
KDE Security Advisory 2005-04-20.1
Posted Jun 1, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Kommander executes without user confirmation data files from possibly untrusted locations. As they contain scripts, the user might accidentally run arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2005-0754
MD5 | abf1b939e8330ae965e85355160a55e7
Posted Mar 29, 2005
Authored by Ilja van Sprundel | Site suresec.org

The Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to

tags | advisory, kernel, local
systems | linux
MD5 | e468254b361406324ed6b350c9a97919
Posted Mar 25, 2005
Authored by Psirac | Site rexotec.com

OpenMosixView versions 1.5 and below are susceptible to multiple race conditions that allow for local filesystem compromise. Exploit provided.

tags | exploit, local
MD5 | eba76616efb2ea4e09947708e43bc2e6
KDE Security Advisory 2005-03-16.1
Posted Mar 22, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Sebastian Krahmer of the SUSE LINUX Security Team reported a local denial of service vulnerability in KDE's Desktop Communication Protocol (DCOP) daemon, better known as dcopserver. Systems affected: All KDE versions prior to KDE 3.4 on systems where multiple users have access.

tags | advisory, denial of service, local, protocol
systems | linux, suse
advisories | CVE-2005-0396
MD5 | 306be3b111f82a63bcc81f34ca6e27d9
Posted Feb 28, 2005
Authored by HaCkZaTaN | Site neossecurity.net

phpBB version 2.0.12 is susceptible to a full path disclosure flaw.

tags | advisory
MD5 | 7ff927eed0720c6ca65b73d4124b6eae
Posted Feb 28, 2005
Authored by John Gumbel

Improper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.

tags | exploit, arbitrary, php
MD5 | 0fa245da1da2ee450650915c291a331a
Posted Feb 28, 2005
Authored by John Gumbel

Due to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.

tags | exploit, remote
MD5 | 2fca37c706129ea7a3acd4dc2f838553
Posted Feb 28, 2005
Authored by John Gumbel

A remote attacker can cause register.php in punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.

tags | exploit, remote, arbitrary, php
MD5 | 49e3dec810dbe71cfb281699c1269f7d
KDE Security Advisory 2005-02-15.1
Posted Feb 25, 2005
Authored by KDE Desktop | Site cve.mitre.org

KDE Security Advisory: The fliccd binary, when installed suid root, is susceptible to various stack overflows that allow for privilege escalation.

tags | advisory, overflow, root
MD5 | a87caaad34957e1b96ca131acf1569e1
Posted Feb 18, 2005
Authored by Anton Rager

Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.

tags | paper, remote, web
MD5 | e8745770f3e096cf690dba797b39c2c4
© 2020 Packet Storm. All rights reserved.
