The Joomla Banner Component suffers from a SQL injection vulnerability.
5d219470b0f136f54dda15b90c21e0f257d6f85c482165a44502d5f0ba06d81fphpstak suffers from a remote file inclusion vulnerability.
323f164649dd4e8186dc751947b8f7a3dae1656c0e6f63c5748b289314b291c5wwwthreads 5.4.2 and prior suffer from multiple cross site scripting vulnerabilities.
b1ef28726e07dc33340c8f3569cc4da231bb64cc5c52893a7b61da9838adb4d9Kietu suffers from a local file inclusion vulnerability.
b9c033c3b0ec356b27dbafe07437d2f5302e9b28be1d8726190148cc057decd1PhotoStore suffers from multiple cross site scripting vulnerabilities.
e8597abd8eec3302faf3bce96bafc0ba96f43ea3472ceff15b78495aeb1f97e2Opial Audio/Video Download Management suffers from cross site scripting in index.php
325ddc04dd64f00aca912e982c6e54efd4992fb06eab091933e32ced03edf610toendaCMS suffers from a local file inclusion vulnerability.
cfa27594dce544149069606ee96212e6d3e43fd1b0ea6d67437daf4954d66b15ZoomStats suffers from a remote file inclusion vulnerability.
bd26ca36d15c1ddce78d401c9761bdb70376f9fb7faff06eed5ee90699321428MyPhotos 0.1.3b suffers from a remote file inclusion vulnerability.
b88a42d84f924be8248be66d29b5a5705892c0412c271e728423e876d1506a46RISE-2006002: There exists a vulnerability within a architecture dependent function of the FreeBSD kernel (FreeBSD 5.2-RELEASE through FreeBSD 5.5-RELEASE), which when properly exploited can lead to local compromise of the vulnerable system. This vulnerability was fixed in FreeBSD 6.0-RELEASE, but production (legacy) releases 5.2 through 5.5 are still vulnerable.
94ae7ebd3c47291aab33892e9d461968249c807d5246b761a801423c4e3cd32eWebNews suffers from a remote file inclusion vulnerability.
41f69a57cb07ccee040b09640853db06f309883a0343e5bf9c74880324c63db7FlushCMS suffers from a remote file inclusion vulnerability.
2b0606d734c45bd395d9f889953d68f22ebb8b8157a92361f802561e66cf02d4Mandriva Linux Security Advisory MDKSA-2006:169: A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.7.
f33758df224b00509a71f9625a4e2c13401139dc010b8ab80ed346ac90633989Mandriva Linux Security Advisory MDKSA-2006-170: Webmin before 1.296 and Usermin before 1.226 does not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.
fcc70de1f0b8fb80bc654cefe2ac26bf287436e8af4d86d1327518633d1cb206SUSE Security Announcement SUSE-SA:2006:055: If an RSA key with exponent 3 is used it may be possible to forge a PKCS verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature.
8d222b929117b6ffaf793e8d87050c7a1e45882b6558aa5a8d06d705379ca1f6jevoncms (.inc) suffers from a path disclosure vulnerability.
04942ab2ced107cc8835e6631092fbdcfa1f8c6ee0483a8add86a62e2ae08cf9Plesk 7.5 and prior and 7.6 for windows suffer from an information disclosure vulnerability in the file manager.
bdd23e84ef0b4ca5190c3113a7d720f79eb92f19f1d7035510920a849629b192Trustix Secure Linux Security Advisory #2006-0052: multiple vulnerabilities in freetype, gnutls, gzip.
6d17ca94e55cae192ff3f2b2ca75395ab1547e816885e972b964868c6fe9dac2The Google Mini appliance 4.4.102.M.36 and below suffers from an information disclosure vulnerability.
f4f6c11bf54f8d829a99af3d79cb2f36eb0984d1145da99cfa6975774016da6bMySource Matrix versions 3.8 and below and MySource 2.x may be used as an unauthorized HTTP proxy.
9e44da0c3056acc315f38f8bf87e5f99cd7b2cc75d4f87e766cb0933ad2bbf9eContentKeeper 123.25 and below suffers from a design flaw in the user administration interface which reveals account passwords inside the HTML source code. Any authenticated user with appropriate access to the user administration page may use this information to compromise the accounts on other systems.
7fadf9fa09f5f30be956b15ebca46178ed641e6a8ee2f3737f361a88553df408Eskolar CMS Remote sql injection exploit.
7e3037cce7998d8e729b39e149e43917ceb853b54872abd62145e400e5dd36d7E-Vision CMS suffers from SQL injection and file upload vulnerabilities.
03e7d62a1db296fa531b2e17c7f4c010de7d181d51ca2b161889cdb6283bdc91Zachary McGrew has discovered and reported that the FiWin SS28S WiFi VoIP SIP/Skype Phone with firmware version 01_02_07 has VxWorks Telnet open with a hardcoded user/pass of 1/1. Various debug commands enable viewing SIP credentials, WEP keys, etc. on the phone.
138cdacc373d3af2dbbd24f6e8d71941abf2c06921c5be017a9267824cfd6155Woltlab Burning Board 2.3.X SQL Injection Vulnerability
1a2d647f855fcf4342296872c4932b18906bfefcb550fe99ba24dfba76f998d0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed