what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2012-09-20

Red Hat Security Advisory 2012-1301-01
Posted Sep 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1301-01 - JBoss Enterprise Data Services Platform extends JBoss Enterprise SOA Platform to provide services for data virtualization, federation, and integration. This roll up patch serves as a cumulative upgrade for JBoss Enterprise Data Services Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the Teiid JDBC socket did not encrypt client log in messages by default. A man-in-the-middle attacker could use this flaw to obtain log in credentials and other JDBC traffic.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-3431
SHA-256 | 976828574cc4e5269fed9ccf1341603216ebcf3d4163434b127cdd26adfb2e1c
Ubuntu Security Notice USN-1576-1
Posted Sep 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1576-1 - Sebastian Krahmer discovered that DBus incorrectly handled environment variables when running with elevated privileges. A local attacker could possibly exploit this flaw with a setuid binary and gain root privileges.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2012-3524
SHA-256 | 6677312994a7727ec824bb41d1b1e25edee2fe8e4e1215d98961896838ab394b
Apache CXF SOAP Action Spoofing Attacks
Posted Sep 20, 2012
Authored by Colm O hEigeartaigh | Site cxf.apache.org

Apache CXF is vulnerable to SOAP Action spoofing attacks on Document Literal web services.

tags | advisory, web, spoof
advisories | CVE-2012-3451
SHA-256 | 265093c0400de4893cfcfb8c5d295612e2d9b4b4da83727f2ebd03463249a7fa
AShop 5.3.4 Cross Site Scripting
Posted Sep 20, 2012
Authored by HTTPCS

AShop version 5.3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e114296722d5b9386af3d0ae867f6b315a48827ab5cae7b0e9dbcb2dd47ab6de
Tariq Rauf SQL Injection
Posted Sep 20, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by Tariq Rauf suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 7f69bcbac087f7d2eb2c9bbe5e558abc40f8e4d6ba58e72c1eab5ef148508290
NW7Design SQL Injection
Posted Sep 20, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by NW7Design suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 1741c7cc4663936c92ed81e48db5f7d5fbaa616878c46671bb5935b14255bc05
Jessica Rhaye Design Cross Site Scripting
Posted Sep 20, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by Jessica Rhaye Design suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 9ba9599a6296e28cb80944110f4b66a8911d8eefa416456d686fc5b3fcde79c7
Rocket Web Consulting SQL Injection
Posted Sep 20, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites created by Rocket Web Consulting suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, web, sql injection
SHA-256 | f1633e127d2e86771f46f830dcd4cd4ad264e6079fe7e2a49f6f26b6e9184dca
Manhali 1.8 Local File Inclusion
Posted Sep 20, 2012
Authored by L0n3ly-H34rT

Manhali version 1.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | fb675c0676009be8eb4ecf2097e1a030dc723dc83cd5b08c32ef444b4fde2c85
Olojin SQL Injection
Posted Sep 20, 2012
Authored by Net.W0lf

Sites created by Olojin appear to suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 4293f951d698479ee57d65d50d660180e8865b880df1866ec1782769acc96a86
Secunia Security Advisory 50664
Posted Sep 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache CXF, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | ea32b4d37cdd7320b2911ed0e1ff82e28aceff77ce56680a7d226aaf465da091
Secunia Security Advisory 50672
Posted Sep 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the PRH Search module for Drupal, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 2b0a543a54015409166b0ca33668a56588bdbeb6f16fc68d5c7c3ed143eaac3c
cgCraft LLC SQL Injection
Posted Sep 20, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by cgCraft LLC suffers from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 96bd7ce98834913b9501e149372ef2a2ea2421a1b4b96ccfd3a08f0011631f6a
Cisco Security Advisory 20120620-ac-2
Posted Sep 20, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client is affected by multiple vulnerabilities including code execution. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. Revision 2.0 of this advisory corrects an inadvertent omission in the original advisory, which failed to list that the fixes also address a vulnerability in Cisco Secure Desktop, described by CVE-2012-4655.

tags | advisory, vulnerability, code execution
systems | cisco
advisories | CVE-2012-4655
SHA-256 | a52f6d5d083fc974978078f9cbd107d63b02f06d64a888f00c4f24dcfdc3931d
Microcart 1.0 Cross Site Scripting
Posted Sep 20, 2012
Authored by Joseph Sheridan, Chris Cooper | Site reactionpenetrationtesting.co.uk

The administrative directory of Microcart version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4241
SHA-256 | b822f2ee3606abdec8e3d8c1169fd994859e77baee7e7c7873b395f74a283d68
Drupal FileField Sources 6.x / 7.x Cross Site Scripting
Posted Sep 20, 2012
Site drupal.org

Drupal FileField Sources third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 0646e1fe21f62ed1d52ec65355c19564768e53a5661aaf10d969102bf843370e
Thomson Wireless VoIP Cable Modem Authentication Bypass
Posted Sep 20, 2012
Authored by Glafkos Charalambous, George Nicolaou

This exploit leverages authentication bypass vulnerabilities in the Thomson wireless VoIP cable modem. It affects the TWG850-4 model.

tags | exploit, vulnerability, bypass
SHA-256 | cea6a6e04ceba1664ef59c383e65c0570aaf9427e085e40ab86134400cb990c6
Drupal Simplenews Scheduler 6.x PHP Code Execution
Posted Sep 20, 2012
Authored by Sascha Grossenbacher, Joachim Noreiko | Site drupal.org

Drupal Simplenews Scheduler third party module version 6.x suffers from an arbitrary PHP code execution vulnerability.

tags | advisory, arbitrary, php, code execution
SHA-256 | 0338d0b9bf77e2858fe599964e5a15cf1472907d48b30ce3c4aab742e9008852
ClubHACK Magazine Issue 32
Posted Sep 20, 2012
Authored by clubhack | Site chmag.in

ClubHACK Magazine Issue 32 - Topics covered include The Compliance Storm on the Horizon, Digital Signature in Mom's Guide, Cracking WPA/WPA2, and more.

tags | magazine
SHA-256 | f36a9193f36da3f25ab7557c3b5aa4ba5e931eabb00fb4e594476f86a1827ed5
WordPress Wp-TopBar 4.02 CSRF / XSS
Posted Sep 20, 2012
Authored by Blake Entrekin

WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | f966999557b843cccaf4b51c843257fd06e60d41409a20425be67bfd7ca3d93b
Drupal Imagemenu 6.x Cross Site Scripting
Posted Sep 20, 2012
Authored by David Houlder | Site drupal.org

Drupal Imagemenu third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 00bdc38ddc2cfd5c4ecd3d6f70bdbe27cc949e489992983268c51cccc1f85512
Microcart 1.0 Checkout Cross Site Scripting
Posted Sep 20, 2012
Authored by Joseph Sheridan, Chris Cooper | Site reactionpenetrationtesting.co.uk

Microcart version 1.0 Checkout suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-4241
SHA-256 | 10e01b1c87c017a984b968431a262fdf7f0d5932bc6408833c10e6cd532d4310
WordPress MF Gig Calendar 0.9.2 Cross Site Scripting
Posted Sep 20, 2012
Authored by Joseph Sheridan, Chris Cooper | Site reactionpenetrationtesting.co.uk

WordPress MF Gig Calendar plugin version 0.9.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4242
SHA-256 | c0e1143e484b74d6ece34e62ebffd227079faf6c38d75dd73c87dd12b2bf6c21
Palestinian Wordlist
Posted Sep 20, 2012

This was submitted anonymously as a Palestine wordlist for cracking purposes. It has proper names of middle eastern figures, cities, and more.

tags | cracker
SHA-256 | 29e4632ecf61c4e7013b0a1252e46f45e85b190d38482d5cd6b7b5b89269f5e1
Joomla 2.5.6 Cross Site Scripting
Posted Sep 20, 2012
Authored by Stefan Schurtz

Joomla version 2.5.6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d76bba197769c768a7c9a47c8d81b2aa6931c6c4947bd69daf703f656280e914
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close