Peel SHOPPING versions 2.8 and 2.9 suffer from cross site scripting and remote SQL injection vulnerabilities.
17013c953a7f95786dfb2ecad6a020c83079109d6d36eb30367f8a13d03dee28
RSA has announced security fixes to address an environmental variable disclosure vulnerability in RSA enVision 4.x.
97f7dbd3b90747a39a85bb786df93e20edc32f71fe20d64447b9568be6609ee7
EMC NetWorker Server 7.5.x and 7.6.x contain a buffer overflow vulnerability which may be exploited to cause a denial of service or, possibly, arbitrary code execution.
0c2f16df9895b9a9de4b10982e56916be916e3bb0dc120e8232b516c0554f882
xClick Cart versions 1.0.1 and 1.0.2 suffer from a cross site scripting vulnerability.
bcdba6e1a2a10dc5c0b8b5f306c9a121c7949bd1b52de3780b73383a3a2e6c07
Register Plus versions 3.5.1 and below for WordPress suffer from code execution, cross site scripting and path disclosure vulnerabilities.
8af0748bb44a2d219bb2dab50499ab80ee471af807d2e71af2be053afca0860d
This Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.50. This issue was fixed in 5.52. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP and 2003.
9c89a9721eaaf34e5b28601af5c5497ccf1f5855860d05b1399eb663bcde037c
Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.
4864f4e17fe47b8f6178a603e1cc20bb9f967ec80c223712f14bfa2e367c5c8c
Ubuntu Security Notice 1349-1 - It was discovered that the X wrapper incorrectly checked certain console permissions when launched by unprivileged users. An attacker connected remotely could use this flaw to start X, bypassing the console permissions check.
1c42f23752a398bf3b5d5ac117d5bd2075e69736a4ce1f6e67c0f2e952f6da84
PHPList version 2.10.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
156406175499db29e968856e912ccff0b2c4c1aa66ff94fd3a2977ec74379288
VR GPub version 4.0 suffers from a cross site request forgery vulnerability.
5c3013cdb2082412cf2d8ba5b3215c6f53bd60379f3fd0b3342da270893d0d0d
Ubuntu Security Notice 1348-1 - It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
ed1d39bd80eff20f1ebd24a942fc58795fee0111ae68d13afad8db1b3fdbc5a0
Multiple etsi.org subdomains suffer from cross site scripting vulnerabilities.
ccc5522089f8ee652b28dc209c73262d2f2707419c2bcb070a8903acfe080c52
The WordPress Slideshow Gallery 2 plugin suffers from a cross site scripting vulnerability.
95f81ff5d5319986839d3984fe04c5f19ec6e9cb57da1a036a73eb93c22cc4ca
Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges.
e45dfdf1bd3525fa9a4dec53277bd6a8765bd88fef7c83ac37ee4a2fc90d56f4
The Joomla Products component suffers from multiple remote SQL injection vulnerabilities.
16fe7260bde5adf260a7e400d2c3e713031e4353fb1630b08f7999376850f6bf
The Joomla Motor component suffers from a remote SQL injection vulnerability.
0cd5df780696abbfce7cdc3eb9913c71bd63775e64a0968a4cdab979e3ccb3fc
Secunia Security Advisory - Two vulnerabilities have been reported in the Drupal Commerce module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
84f13aeb9b96c5ef7d4414b5e5fd62d16096c973d6300e2ec56a7f46e8fa0472
Secunia Security Advisory - A vulnerability has been reported in NX Web Companion, which can be exploited by malicious people to compromise a user's system.
2ff84c38143ee06b479145f52641125156d40038be92cd854053915671838d35
Secunia Security Advisory - A vulnerability with unknown impact has been reported in the JE Story Submit component for Joomla!.
c9afe7cb21ec2c9afa2e9a1d2b73a392dbcab83a364e32047abe8a8abb0e9da7
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Caminova DjVu Browser Plug-in, which can be exploited by malicious people to compromise a user's system.
5611a913694324190faf161dbff038e9a0376bfe350fe2eb36a15a697044d0c9