Team Johnlong RaidenTunes version 2.1.1 suffers from a cross site scripting vulnerability.
4199949d35c67667cd038d30a7f4e8a72521e296137d729dadf966fb082dfe7aDebian Linux Security Advisory 2085-1 - It was discovered that in lftp, a command-line HTTP/FTP client, there is no proper validation of the filename provided by the server through the Content-Disposition header; attackers can use this flaw by suggesting a filename they wish to overwrite on the client machine, and then possibly execute arbitrary code (for instance if the attacker elects to write a dotfile in a home directory).
c76579430fa5793f3b4707cde60f2c667c32c62026a9e2e75fe189140a1e8eb5This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This Metasploit module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
9da276a24a186e88eecee809f9c847b33c7567cfb9d16ca26be2ac512e489408This Metasploit module exploits a stack overflow in Amlib's Amlibweb Library Management System (NetOpacs). The webquery.dll API is available through IIS requests. By specifying an overly long string to the 'app' parameter, SeH can be reliably overwritten allowing for arbitrary remote code execution. In addition, it is possible to overwrite EIP by specifying an arbitrary parameter name with an '=' terminator.
fe4b9c6660b9a78cd1ca60a3af4c9505711a0207a3d593097dec278c1746ef04Core Security Technologies Advisory - There is a buffer overflow vulnerability in the webappmon.exe CGI application included with HP OpenView NNM. This bug can be exploited by sending a cookie header with a maliciously crafted 'OvJavaLocale' value. Code execution is likely achievable in a reliable way.
48e7d6969af75120e25212535b0e4de84aa95958a93d04dd51c78c5ec17eb64fTwitter suffers from an open redirection vulnerability.
5507adcb3c469e7dd89849210b860d50b91f1043e843eb041746613c38584b74FuseTalk Forums version 4.0 suffers from cross site scripting vulnerabilities.
5ee584db26751a109875b62fc70560e5650c91e0f64ad17531e082f02cd68801iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
1ac719d6265cf64220c80c0974ed9d35febdac2986bb96eeaa9c8c7959a1d306Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious people to cause a DoS (Denial of Service).
0869d86e4e0d1927f18d50abc6307864fd633d09d3e8273f7915332c66f54193Secunia Security Advisory - A weakness has been reported in the Personal Classifieds plugin for JomSocial, which can be exploited by malicious, local users to manipulate certain data and potentially gain escalated privileges.
47699167dad65c933ddff49e080f9c2a9cc4e7aa8ef6d7ae0b4b4bbe5784383dSecunia Security Advisory - Some vulnerabilities have been discovered in PHPFinance, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
959cc27f416b347ef04f9f999b1b7495ca5f5f3215752db79572f334815e61f7Secunia Security Advisory - Secunia Research has discovered a vulnerability in MantisBT, which can be exploited by malicious users to conduct script insertion attacks.
be3edea9c975512a0005dbb22ea850f6ee1875dad4558333776408f8ef27d997Secunia Security Advisory - A vulnerability has been reported in Invensys Wonderware ConfigurationAccessComponent ActiveX Control, which can be exploited by malicious people to potentially compromise a user's system.
ff5b0096026ff9745a03931bdf75df85ca364c2a76801cafedaaffca332e746dSecunia Security Advisory - Debian has issued an update for wget. This fixes a weakness, which can be exploited by malicious people to bypass certain security features.
1f64e011a5e20c955feca234ac0a5eba7b3a78340f703ffa1f8f1e91d6451301Secunia Security Advisory - A security issue has been reported in LVM2, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
35cb86f9de8e5361050341a07c819c5dd707049aba325e41b91bbdbb8bd366f0Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Java, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
38b2e32017d16649de314c1af40964af7198683c4dfdb94cebeec952a71c9dddSecunia Security Advisory - IBM has acknowledged a vulnerability in IBM Java, which can be exploited by malicious people to compromise a user's system.
4f1089bf08a381b6841573457529a82fa19cbcdebd43ee17dd3e9674c23ef1b8Secunia Security Advisory - A vulnerability has been discovered in UPlusFtp Server, which can be exploited by malicious users to compromise a vulnerable system.
a6ca1efdbe66af93b9a6da4a2eec40e2eb0bbf4143f8c37b50da113b6ed80bdeSecunia Security Advisory - A vulnerability has been reported in Piwik, which can be exploited by malicious people to disclose potentially sensitive information.
de6f0e82de7ae2c710116e99d254f6e95146f547f85add1ce0fb95990eff32b5Secunia Security Advisory - A weakness has been reported in the Kaltura module for Drupal, which may expose potentially sensitive information.
b026a197dae6656a58d7514e129f4602c7b0cd8795f4a19e1fb35801457560e8Secunia Security Advisory - Multiple vulnerabilities and security issues have been reported in TYPO3, which can be exploited by malicious users to conduct SQL injection attacks, manipulate certain data, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks, HTTP redirect attacks, HTTP response splitting attacks, session fixation attacks, bypass certain security restrictions, and disclose potentially sensitive information.
fdf5f4f3a15c56cb30dd2b352a01de4582713e4eb915a9ac18e74aa4d91aa9f3Secunia Security Advisory - A vulnerability has been reported in the Dashboard module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
ab619c69bb8c3a875c173b4d87bcbee6a38e36640dbd6dbe76e083c86a7f465aSecunia Security Advisory - dotsafe.fr has discovered a vulnerability in SPIP, which can be exploited by malicious people to conduct cross-site scripting attacks.
041b39ee55f70119d405cfa3552691cfa407a634219ec9fb6cee0cb4c37bf64bSecunia Security Advisory - A security issue has been reported in the Sage Pay Direct Payment Gateway for Ubercart module for Drupal, which can be exploited by malicious people to disclose potentially sensitive information.
b9d4b2c9f136bd9f2fea320e0a5abcb081051d5fe27bb3d94e59438410a27ca0Secunia Security Advisory - Salvatore Fresta has discovered two vulnerabilities in the PhotoMap Gallery component for Joomla, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
27220400c4e87102060b560f16d372951b46b8f69d33a0a4ee3fc4d82cdaaa5d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed