Drupal versions prior to 7.16 suffer from arbitrary PHP code execution and information disclosure vulnerabilities. Version 6 is not affected.
18cb2c87e74ebbfd4c998ad47021b871b9bb38f412c18a7d8590840eac09cfc8
OpenSSL versions below 0.9.7l and 0.9.8d SSLv2 client crash exploit.
cf2fa661fdd682ff85746a1fe91439e437ab9c13ea764a9f88fba19f2b8c43da
The Google Crawler could be leveraged as an anonymizer for launching remote file inclusion attacks.
1d9ac034caee1ce402b242faeef52d03b033b705d33d2a8ceee4d07f61800070
Microsoft ISA Server 2004 has a log manipulation vulnerability that, when exploited, lets a malicious user manipulate the Destination Host parameter of the log file.
180e0b54cd958067ade383676e274a12124bedb9b441eba0612cd5038901f83a
Siteman versions 1.1.10 and below remote administrative account addition exploit.
b877cfac097f68de3a9f7a2e28a40d53104a37f15d43fac11d8a0e3616a63bd3
HelpBox version 3.0.1 is susceptible to multiple SQL injection attacks, including ones that do not require the attacker to be logged in.
87e8a6e2016aa8666af63bb99a95022d6d845f836d4c59fa675d2a2e1c2496bd
Internet Software Sciences's Web+Center version 4.0.1 lacks sanity checking when parsing Cookie data and is therefore susceptible to a SQL injection attack. Full exploit provided.
e6fd7850e36b99da49d2e48ed56430740774adcc0722a02517238528e4f9634f
Polar HelpDesk version 3.0 does not adequately verify whether the user logged onto the system has proper administrative access when performing administrative duties.
369c74af2bef236f285af211302fea6a714d58aababbfc74cde8cf5225e29562
Serena Software's TeamTrack version 6.1.1 is susceptible to a sensitive content disclosure vulnerability that can be exploited without having valid login credentials. Full exploit provided.
4191339b894cafd37ff68e0c11cad6e7bb1acf9ff0f9dd3451335ff761ce077b
NetSupport DNA Helpdesk 1.x is susceptible to a SQL injection vulnerability. Full exploit provided.
a38e02e674a7c12a4b1a0261fe4698c50758836182a131d2a0e1148be2617f39
Leigh Business Enterprises's (LBE) Web HelpDesk versions 4.0.80 and below suffer from a SQL injection attack vulnerability. Full exploit included.
bd45f9f6fbfdd6f65136f34c999c7e00d14f2bed97b355a02acac0c7104f7e0a
Proof of concept exploit code for the Samba 3.x swat preauthentication buffer overflow vulnerability.
4158f15155b3674337e624ebd8a866125068f737a7539d02866f5178e49c89ab
A vulnerability in the Firebird Database's way of handling database names allows an unauthenticated user to cause the server to crash and overwrite a critical section of the stack used by the database. Version 1.0 is affected.
c4240f2e5fca1c1e74d84909a2142bb24a8cd2e298ffca0177b22046c5fb6e9e
Zaep AntiSpam 2.0 is susceptible to cross-site scripting vulnerabilities.
3e7e4f123c4943e9bd523542e9c492ae9d9114fb2b02ef17bbd39fbb62c40969
Outlook Express versions 5.50 and 6.0 contain a security vulnerability in the handling of S/MIME certificates which allows arbitrary code execution when inspecting an S/MIME signed message.
bc9a16df800c23057348b4928f436978cd5a07b073ace82b10988bb236ad0dc1
Outlook Express allows users to bypass many SMTP content protection programs by enabling the 'message fragmentation and re-assembly' feature. Vulnerable filters include GFI, Symantec, Trend Micro, and more.
f4e74ad446badf4dfeb8df4ef5e09926ea7b4179e2a15b6eeb976e5f55953a98
iDEFENSE Security Advisory 08.28.2002 - Webmin v0.92 and below contain remote vulnerabilities which allow any file to be read from or written to as root. Perl exploit code included.
af31beb487c3d22656202899a2265acf6154205773815b6ae81b751d5177ca36