WikiNi 0.4.2 and below suffer from many XSS vectors.
Foing Remote File Inclusion exploit
The XSS vulnerabilities reported for UBBThreads 5.x and 6.x will allow you to inject JavaScript and steal MD5 hashes.
KAPDA #45: geeklog-1.4.0sr2 and prior versions suffer from path disclosure, XSS, and SQL injection vulnerabilities.
Photoalbum B&W v1.3 suffers from XSS.
Variomat CMS suffers from multiple SQL injection vulnerabilities.
It is possible to DoS Java Apache Mail Enterprise Server (a.k.a. Apache James) by sending it a long SMTP argument. POC included.
EzUpload Pro v2.10 suffers from multiple remote file inclusion vulnerabilities.
vCard 2.9 suffers from multiple XSS vulnerabilities.
Multiple XSS vulnerabilities have been discovered in coolphp magazine.
Ubuntu Security Notice 288-1: postgresql-7.4/-8.0, postgresql, psycopg, python-pgsql vulnerabilities
Ubuntu Security Notice 287-1: The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with an invalidly large Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.
Debian Security Advisory 1082-1: Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
Debian Security Advisory 1081-1: Luigi Auriemma discovered a buffer overflow in the processing of ASF files in libextractor, a library to extract arbitrary meta-data from files, which can lead to the execution of arbitrary code.
Debian Security Advisory 1080-1: A problem has been discovered in the IMAP component of Dovecot, a secure mail server that supports mbox and maildir mailboxes, which can lead to information disclosure via directory traversal by authenticated users.
The reporting function in Jiwa Financials 6.4.14 allows execution of arbitrary reports as a SQL user with full SELECT, INSERT, UPDATE, DELETE SQL permissions.
The Blend Portal for phpBB 2.x versions 1.2.0 and prior suffer from a remote file inclusion vulnerability in blend_data/blend_common.php.
UBBThreads 5.x and 6.x suffer from multiple remote file inclusion vulnerabilities.
ASPSitem 2.0 and prior suffer from SQL injection in Anket.asp.
The Activity MOD Plus for phpBB 2.x suffers from a remote file inclusion vulnerability.
phpBB 2.x suffers from a remote file inclusion vulnerability in admin/admin_hacks_list.php.
Eggblog versions less than or equal to 3.x suffer from multiple SQL injection vulnerabilities.
F@cile Interactive Web versions less than or equal to 0.8x suffer from multiple file inclusion vulnerabilities.
Enigma Haber versions less than or equal to 4.3 suffer from multiple SQL injection vulnerabilities.
tinyBB versions less than or equal to 0.3 suffer from remote include vulnerabilities, SQL injection and XSS.