HP Security Bulletin HPSBMU02792 SSRT100820 - A potential security vulnerability has been identified with HP Business Service Management (BSM). The vulnerability could be remotely exploited to allow unauthorized disclosure of information, unauthorized modification, and Denial of Service (DoS). Revision 1 of this advisory.
87ee6408887b1f21eec68ff57a37c58194ab7d3e4fb41b1a14c42d30bb20334b
With Windows 2000, Microsoft introduced the inheritance of access rights and new Win32 API functions like SetNamedSecurityInfo() which handle the inheritance. However, SetNamedSecurityInfo() has a serious bug: it applies inheritable ACEs from a PARENT object to a target object even if it must not do so, as indicated by the flags SE_DACL_PROTECTED and/or SE_SACL_PROTECTED in the security descriptor of the target object.
5d8b14a5d15a03df25e643a38f6f8f932a1379ba54d10e6864267f7ae5de12f3
HP Security Bulletin HPSBUX02791 SSRT100856 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.
82242c858879c5590d3cc4aa2be0779747605eb91aaebb7622591ecb8aca1651
HP Security Bulletin HPSBUX02789 SSRT100824 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or elevate privileges. Revision 1 of this advisory.
18a75793c99460c649e856173de1d4e2b746ae5d8223c6908af7703f3b5ab684
iBoutique eCommerce version 4.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
b9d8020c62cfd37895538cb2c3dbd4915df7a982bcdb8a2598c05df919c7bcd0
The SolarWinds Orion Network Performance Monitor 9.1 and prior contains a blind SQL injection flaw on the 'Login.asp' page. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL injection exploitation techniques.
f4297d4df9c7cacbca1f10534a0d4c968fff5b9b90fe6f1cbd3316b6cc0ac1d1
e107 Tap plugin version 2.0 suffers from a remote shell upload vulnerability.
16d450b6820569c25505641914654435ddd38724cabde859aebdd200c217525b
e107 Radio Plan plugin version 2.06 suffers from a remote shell upload vulnerability.
5220d8a9f509f1a911a75ce3797603c70b92f27bd86d8e23024038f88f0290ca
e107 Hupsi Share plugin version 1.00 suffers from a remote shell upload vulnerability.
01edcafd988a763a0655922e61b5d35515bc3ba601616b9aca3fb8f4ed687449
e107 Image Gallery plugin version 0.9.7.1 suffers from a remote file disclosure vulnerability.
1f7d952a66337a9793777b6c5584a8fced88cabd97560d6834e5f3fd3fb3029e
e107 Hupsi Media Gallery plugin version 1.0 suffers from a remote shell upload vulnerability.
cf798872e71c9fa0094aa28aab7cb5fe4bb92f07513ffad6e92a20748e2682d9
e107 Hupsi Fancybox plugin version 1.0.4 suffers from a remote shell upload vulnerability.
727a4c7d0667d51fdc6d9063229dfbd1e7e1bb30b5ff957fb971eb33023c1113
e107 Filemanager plugin version 1.0 suffers from a remote shell upload vulnerability.
1d93b23a1ed5130b4f2f0502a0ad4874fa5922b73334e7298c15b985733e50fe
e107 FileDownload plugin version 1.1 suffers from shell upload and file disclosure vulnerabilities.
4c9eeefd5a414c20c21f82970080248e3086771b1fd32ec3268620ead5403a56
AdaptCMS version 2.0.2 suffers from cross site scripting vulnerabilities.
97186847792218b50bd50c087ed631bbd8f1b4936aac301043dad7bf2fffd224
BlogX suffers from a database disclosure vulnerability.
27a6d02fb7e97c66b9bee72cb598a630daeceede8130f4b684117e42a22e9493
CMS Balitbang suffers from cross site request forgery and cross site scripting vulnerabilities.
9ba47dbd951a49309c5fffb500e8f83f059551fb85d0488afb275d9e89d33102
WHCMS version 5.0.3 suffers from a remote file inclusion vulnerability.
532e03e38b10d3f50c3d381338ca5d1080316250f117137d65fe8c59a7e2d019
Sana Net suffers from a remote SQL injection vulnerability.
d491a5a72f433e70dc437aad5c7566578adb0b5c61241911fd93e1130630f84f
Fireshop suffers from a remote SQL injection vulnerability.
36d870fb070fb835a26adc1353be0922620e046bd24f7e31f4e19c3ade9e55cd
Sonna suffers from a remote SQL injection vulnerability.
3e384e602123e1e3714cb3a6de449d3115f1eb9f1d640ccfb070cff8cf0d70aa
ASP Content Management suffers from a remote database disclosure vulnerability.
ed2c1c995ba55abc3d684e158935240fbf5549efa2590b99e3a007e08eb041b7
Pro Clan Manager version 0.4.2 suffers from administrative bypass and shell upload vulnerabilities.
91de8e3281c1f4f38ec58022b3f86bbd3170212247a3c4bcacc892b75a42aa35
Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.
2398debb3b62cc926248c46f13de29c17ce2da8c7d1812f056caffa86086a8fc
Secunia Security Advisory - A security issue has been reported in ZTE Score M, which can be exploited by malicious people to bypass certain security restrictions.
7fbb21bd561c829dca3d80b5d64b04cd2992333eb875600c3dc1b3f41448aa6d