Left 4 Dead Stats version 1.1 suffers from a remote SQL injection vulnerability.
076ec161ec82a883a608b91bf7256e0eb085831f187a4a279e95c6412604efbe
Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
1701fc58dc21a0ecb6c45f4836abb5e380f5e8214af1f3d389ec0e35ee46a019
Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
79fd0da76674b5e455a947a43496357a83abbd086c7bf141c80764ec54afd32c
Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
11557623033f83fd59c047df77732ae8b78ffc6326f727c0c1aea355a332f580
Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
7535e3c956995ec088e0036a3ecb227af85f7e7498611ed214ba05bc70a26996
Torrent-Stats suffers from a denial of service vulnerability in httpd.c.
800bc0f63fdba947738b01388e1c4834532ab1fc95c5b2912e467da4293d8011
Secunia Security Advisory - A vulnerability has been discovered in DotA OpenStats, which can be exploited by malicious people to conduct SQL injection attacks.
3d8de16680e62fdd4a2a4d6d3a3863a127e87493d1bd58674ce190e8752fd07d
DotA OpenStats versions 1.3.9 and below suffer from a remote SQL injection vulnerability.
f9e47482cdb11bda2bc5cf30a5bfe67a56d61882988a88ca7ff3b8afaf761d6f
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
acab8d51e69e89ac69916bfde79578d48d20a5c740ed8334923ba6a32afe7023
Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
6758df4905be75681d391dbdf0a22a6c0d585b02d7ae0b95ce6c9f405177ab7d
Ubuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
a57a6a4677aad213b5b06f27421d5abb8eefa70db03930de1545039b4bd62c37
Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
d80ad01354876eab576255c2bcf356baa28e1b46fd819624cd2d2de9c1971dd2
Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
40cd6d7f9146c1c43ee131b46b98a2d9c89006e4772e5e974f49db0f54f12901
Secunia Security Advisory - Ben Schmidt has discovered a vulnerability in the WP Easy Stats plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
3d358b676cb6bacfd873e5f6d79a36eecff6d05e43d1252a2df41ff66908ec73
Secunia Security Advisory - MustLive has discovered two vulnerabilities in AWStats, which can be exploited by malicious people to conduct cross-site scripting attacks.
0cd7ab8ce6bbe825d65dbf994d9382ac1ae47cfa2a2821c4c8b40cec27083a15
Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
17f248b3931a988aad14812534c1789db9fb19d3669e1520b000fb81fd5b0df9
Ubuntu Security Notice 1242-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
544731c1bb12667fa7a9b5b5b16ac0871a169440d284556042daf2acc1e9a8f4
Secunia Security Advisory - Fedora has issued an update for awstats. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
107657305e39f19b9876be06455f1050533e854529c845f0282de55b44afd0f8
AWStats versions 6.0 and 7.0 suffers from CRLF injection, cross site scripting, HTTP response splitting, and remote SQL injection vulnerabilities.
59557071b1987b2fde0f1594bff019d2392bfda8e3b64f00a2219e1a52209747
WordPress WPEasyStats plugin version 1.8 suffers from a remote file inclusion vulnerability.
d3f013a760a7b4563260188e45ab4a66c858aef58be11b3225d2ee692195009e
WP-Stats-Dashboard version 2.6.5.1 suffers from a cross site scripting vulnerability.
267125d33a18c0bf9147f49eb589e14b9f0d600aebee93eaf437a0302e071f90
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
7d8641f40e5fe99d1010c6d44f9439ac6812daab187998bc771dae379e703c63
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
cd37d0e9e2ccaddcf38597d8e42e7743cc86a7c242a7a113d904a038ed3cdf4e
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
5a5ef1d851e7541e28de7b53546932d0881adc18c9f19c4d8ea20156248a6ea5
SmarterStats version 6.0 suffers from cross site scripting, denial of service, command execution, and directory traversal vulnerabilities.
0836c7412eeb88d123a674b23d5f7ccaf25ad59b6cf315b294ccc95936d268b5
tplSoccerStats suffers from a remote SQL injection vulnerability.
29bbbb06aace402b7764cbb1e8d6af83f7550140b179cd35397141cd903ba14e