Debian Security Advisory 1639-1 - It was discovered that twiki, a web-based collaboration platform, didn't properly sanitize the image parameter in its configuration script. This could allow remote users to execute arbitrary commands upon the system, or read any files which were readable by the webserver user.
4e2eed41a5bac9f4c26e182d756b5b7c160bf03229a18455bd91ec97c0f95264
Secunia Security Advisory - K-159 has reported some vulnerabilities in Attachmax, which can be exploited by malicious people to disclose sensitive information, conduct SQL injection attacks, and compromise a vulnerable system.
662d320ab124250d10de30be4d5f3e276a6827ed0ee9a309eb983ead93264c82
E-PHP Shopping Cart suffers from a SQL injection vulnerability in search_results.php.
188a552f1b52c0e9de94d1c3fabc6f17e0aeabc8c56661cc0d229f9293dc81c3
PHP Pro Bid version 6.04 suffers from a SQL injection vulnerability.
d7bfe11e044986b436ac1d527cee84778e7f25987c56eb411bf9c8e995752202
LooYu Web IM provides only client-side input validation, allowing anyone to conduct cross-site scripting attacks against anyone else using the service.
543fbeba13378ec901a733e5e1da6d70b5a0a7f7ee0a38bc32fe93addf197367
Secunia Security Advisory - Multiple vulnerabilities have been reported in Kantan WEB Server, which can be exploited by malicious people to conduct cross-site scripting attacks and to disclose sensitive information.
f582d0af2e3e704d7677e7ec24075f0c62991ead541f6b1c938597a1ad33647b
Secunia Security Advisory - r45c4l has reported a vulnerability in HyperStop Web Host Directory, which can be exploited by malicious people to bypass certain security restrictions.
431749307950dbf30396627c0c3371ee95c7b449c39b1e73c22ca3b31c895d0a
Secunia Security Advisory - Neo Anderson & Jackh4xor have discovered a vulnerability in Assetman, which can be exploited by malicious users to conduct SQL injection attacks.
72b5faeb11fbf6395dc4937e6045e04afe5726c479712a22a2c7ebbbcd6b0b34
fhttpd version 0.4.2 un64() remote denial of service exploit.
d09bcd8e1769b38b778c16e14702a86664a723794d9ae55f53d822929025a0ec
E-PHP B2B Trading Portal is susceptible to a remote SQL injection vulnerability in listings.php.
ea5c79423b95b00172db58aea90758aa38555938db79d95dfa97bf94d60407f5
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
0633b8db265214764606a03a854d41de7633f79c8387da4ea34fe98a09a22a00
VMware Security Advisory - Updated ESXi and ESX 3.5 packages address critical security issues in openwsman, where two remote buffer overflows exist in the decoding of HTTP basic authentication headers.
17ffbbf6fa819c6f0740dc4bc77f22a453a6abde32725e9cde6525deffff2c0f
G DATA AntiVirus/InternetSecurity/TotalCare 2008 all suffer from a memory corruption vulnerability related to the GDTdiIcpt.sys kernel driver that can allow for a denial of service condition or execution of arbitrary code.
6d92c76ada4c68d5b45a89c21afae36573de23ed66acadc6850c9a05d6520ce8
Pluck version 4.5.3 remote file corruption exploit that makes use of update.php.
08a973a7725737d6089afc71c023980bd3ad784fc33f7d02f8c85151f679fb4e
NuMedia Soft NMS DVD Burning SDK ActiveX-related exploit that leverages NMSDVDX.dll.
459e5e8446f2c8327415352b54b04eeec7a14c46c05dcd6e8bb0d8516865811a
Secunia Security Advisory - A vulnerability has been reported in Denora IRC Stats, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
0570657751d39121ba703562ffee44c22983b9c9e38365c0a49d07b2bcae4beb
Secunia Security Advisory - StAker has discovered a vulnerability in WebPortal CMS, which can be exploited by malicious people to conduct SQL injection attacks.
d3999833c097b4f41687838a2cc54edd673d978d098fdf64dc30dc042d6e3daf
Secunia Security Advisory - Eric BEAULIEU has reported a vulnerability in Accellion File Transfer Appliance, which can be exploited by malicious people to bypass certain security restrictions.
bbe5a9389e94212ea42896251cd0cc38cbc02d8c0ac1605bc4f181a3f8786801
Secunia Security Advisory - A vulnerability has been reported in Gallery, which can be exploited by malicious users to conduct script insertion attacks.
0484b8e5439023f32f9f110dfcbd82b24d9e30bf4923431697487612af0824a7
Secunia Security Advisory - A vulnerability has been reported in the Mailhandler module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.
bbb576a140e79682a4b1a756ad07f9c6eb012fa031911358e5b73c4b91213a21
Secunia Security Advisory - rPath has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
0e461c3e7bc590031ca43e444b6b6763bb9b5a9cd5f4f9c24b3322ba50058467
Secunia Security Advisory - A vulnerability has been reported in the Mailsave module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
e5772e732c1bcdd1facb423790c7d1724747bd6ec32ec7fc3c705d41fbf9377a
Secunia Security Advisory - Tan Chew Keong has reported some vulnerabilities in Data Dynamics ActiveReports, which can be exploited by malicious people to overwrite arbitrary files and compromise a user's system.
7605bc82ca10661cd7e5369f04194d11cd32b570305476562fa2935a111bc446
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges.
8d7b57d7bd8648d47d0e67edf7d3ddcd9d02c53d4d457eb11da9555674d87cc5
Secunia Security Advisory - Brian Dowling has reported a vulnerability in FlexNET Connect, which can be exploited by malicious people to compromise a vulnerable system.
a2b13cf2bd35d6382b3b90cbb9b91b4c74364c951a0d4ee25b4ee7cd0e2127f2