Mandriva Linux Security Advisory 2010-067 - This update provides a fix to the correction of CVE-2010-0307, which resulted in crashes when running i586 applications on x86_64.
Open Web Analytics version 1.2.3 suffers from local and remote file inclusion vulnerabilities.
MyOWNspace version 8.2 suffers from a local file inclusion vulnerability.
Whitepaper called File Traverse Fopen.
Mini-Stream RM-MP3 Converter version 3.0.0.7 universal stack buffer overflow exploit that creates a malicious .pls file.
RuxCon 2010 Call For Papers - Ruxcon is the premier technical computer security conference within Australia. Ruxcon aspires to bring together the individual talents of the best and the brightest security folk within the Aus-Pacific region, through live presentations, activities, and demonstrations. It will take place from December 4th through the 5th, 2010.
Easy Enterprise DMS suffers from cross site scripting, content injection, unauthorized file access and unauthorized manipulation of data vulnerabilities.
Discuz! versions 7.2 and below suffer from a cross site scripting vulnerability.
Mandriva Linux Security Advisory 2010-068 - The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
Simple Machines Forum versions 1.1.8 and below avatar-related remote PHP file execution proof of concept exploit.
Uebimiau Webmail versions 2.7.2 and below suffer from cross site scripting and path disclosure vulnerabilities.
Whitepaper documenting the recent Pwn2Own 2010 Windows 7 Internet Explorer compromise.
The Joomla Solution component suffers from a remote SQL injection vulnerability.
The Joomla dcsFlashGames component version 2.0RC1 suffers from a remote SQL injection vulnerability.
New CMS version 1.12 suffers from a local file inclusion vulnerability.
12 bytes small Win32/XP RU WinExec+ExitProcess cmd shellcode.
Flirt Matching SMS System remote SQL injection exploit.
DaFun Spirit version 2.2.5 suffers from remote file inclusion vulnerabilities.
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
CMSFaethon version 2.2.0 Ultimate suffers from local and remote file inclusion vulnerabilities.
Leaftec CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
CyberCMS suffers from a remote SQL injection vulnerability.
BPTutors Tutoring Site Script version 1.0 suffers from a cross site request forgery vulnerability.
The Kasseler CMS version 1.4.x Lite Jokes module SQL injection exploit.