Invision Power Board versions 2.3.5 and below remote exploit that brute forces, attempts IDS evasion, and more.
7779c993b7397aaec65eef50dc7ff88cbb5936a2ae85c14d56352edc8fc4a524Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90fThe Joomla Fireboard component suffers from a remote SQL injection vulnerability.
8d0c501fd44b32f026ce7af1a5f8051a166362be2831982e2e13f188b4977cdbPBBoard version 2.1.4 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities.
98c660124db3dfdff27f3497939655798807cd19db3c0489fbf39341a0590cb1Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in PBBoard, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks and bypass certain security restrictions.
3e5245cff4373e675591f071b3ec2cb3e224dbf16678337292e0c91237905f0aPower Bulletin Board versions prior to 2.1.4 authentication bypass and add administrator exploit.
029b52340f5c1e7a0fdaa00422646752976486d49f4a8818ec05d4afbc957dd2Secunia Security Advisory - A vulnerability has been reported in Blackboard Learn, which can be exploited by malicious people to conduct cross-site scripting attacks.
464769021f84062862979d21d00ae879e9ac5d8ca21ef3a42ca54e644ec85b3dURLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
744bfee0933dc8f1f2432528d5f7c5ce770416146ddc67b984b5117426e99dcdSimple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
3e2b136f015fae19c61b2b118d1d58402b2d75b2f9c0c22031532788387ffcbeBlackboard Mobile Learn version 3.0 suffers from a persistent cross site scripting vulnerability.
b4e651e38bbb3294f231eb8e3bb086bfc5350b4b6edc00836d34547e9116fdeePBBoard CMS version 2.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
3504eeef961d0a59f49c9ee08fb6ee83c790ce14364fa6fe2751a1e2eab9d1a9SMF Board version 2.0.2 suffers from multiple cross site scripting vulnerabilities.
c9ae40521ca14dc1b3769503b4731284c9910f6abe411ca09d1b0b085880e22cElite Bulletin Board version 2.1.19 suffers from a remote SQL injection vulnerability.
38ceedd2da888919b9e4f13ce5a14bd3fb372a6bf5708329aa373a96263aba8fSecunia Security Advisory - A vulnerability has been reported in IP.Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
ab703828007c80693a45cdbf59a4d3cb9f2eef87b0631bdcd60b4d6471f987a6Secunia Security Advisory - A vulnerability has been reported in YY Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
2bece58370110e0f9f7d950a2b180a4d24943c499c14b311d87230b49e8f61d1Secunia Security Advisory - A vulnerability has been reported in IP.Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
cda6881bbf77aed21b0441e84b1dc5287ad4cd6d8a7a3e42df2f803ebc863c03HP Security Bulletin HPSBMU02776 SSRT100852 - Potential security vulnerabilities have been identified with HP Onboard Administrator (OA). The vulnerabilities could be exploited remotely resulting in unauthorized access to data, unauthorized disclosure of information, and Denial of Service (DoS). Revision 1 of this advisory.
81bc660490835ba3e0d0c8bb863ac4728f1c3963fde22d565671ac239b46f148Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Onboard Administrator, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
8d1911634e157101a1ad0325ae2c325e52fea6bdd9480e4028992ef0bc5c0a91This Metasploit module exploits multiple cross site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 to allow for arbitrary file upload / command execution.
f39d87cd2d0ecdc33b13e8ce46c0cbdb325accad08219c2178ea9f86295312c7PBBoard version 2.1.4 suffers from multiple remote SQL injection vulnerabilities.
7fe5b20927aaffae29776bb564eeb8a96670bea62bb6fcb45a4fd730c7f8b817PBBoard version 2.1.4 suffers from a local file inclusion vulnerability.
840dd61912dca2230c93d865025205fb5ad12c9b2ead84a1ac7013ffa24ea103This proof of concept code demonstrates a Microsoft Windows XP keyboard layouts pool corruption vulnerability, post MS12-034. The vulnerability exists in the function win32k!ReadLayoutFile() that parses keyboard layout file data.
54effee805a222747d3e4ec5807005657d3668ba3d5cbbdb7f184fa0ed2f64c3Secunia Security Advisory - A weakness has been reported in OpenStack Dashboard (Horizon), which can be exploited by malicious users to conduct session fixation attacks.
d3044d91166f37ce85dbf9a0770fb1b7e30f0500b02a307bf0f186aa0a42ac80Secunia Security Advisory - HP has acknowledged a vulnerability in HP Onboard Administrator, which can be exploited by malicious people to cause a DoS (Denial of Service).
ce2b8e1b2430e1b4b59d862065181ad43a9d63156427d33ddb29b0773691ba46HP Security Bulletin HPSBMU02766 SSRT100624 - A potential security vulnerability has been identified with HP Onboard Administrator (OA). The vulnerability could be exploited remotely resulting in a Denial of Service (DoS). Revision 1 of this advisory.
2e9ccfbbee1de3ca1818aa7517b75f495f859618c8c98560ebcdeea64acb9a42Siche Search version 0.5 Zerboard suffers from cross site scripting and remote SQL injection vulnerabilities.
067f41d3f889cb1910ea7d72e1827d4b03e904a5be02db9511345fb8fb53a510
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed