PHP-Fusion Team Structure Infusion suffers from a remote SQL injection vulnerability.
fe56cc3ad8cf8d69a82f6cfc1199c45c4a0f776e96da2f877885d15711d94004Debian Linux Security Advisory 2147-1 - Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals.
f232aace9a175937aa7f7f0c7ff2bea7f06c18880cc84f7db587dcd6d9b1d740Gentoo Linux Security Advisory 201101-7 - Due to a world-readable file, a local attacker can obtain the SQL database password used by Prewikka. The permissions of the prewikka.conf file are set world readable. Versions less than 0.9.14-r2 are affected.
20ca472eb6392c3a1ba2807199457a60fd65ad8ef00655f2a78408aea01a33ccSmoothWall Express version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
d61d1d4552d432caed489253b2758e1a41631dd9f5cbb82a97948fc26cf07602Gentoo Linux Security Advisory 201101-6 - An error in the hostname matching of IO::Socket::SSL might enable remote attackers to conduct man-in-the-middle attacks. The vendor reported that IO::Socket::SSL does not properly handle Common Name (CN) fields. Versions less than 1.26 are affected.
f2c98c9c78e0188c0ee5171ed3e46864b2a8198da4a45d9f7d72a335c18ad998Gentoo Linux Security Advisory 201101-5 - The cache manager of OpenAFS contains several bugs resulting in remote execution of arbitrary code. Versions less than 1.4.9 are affected.
9d87a7f902252e76bacdfa5d0e92da4a8229407644d9ad6441121493e1f5af12Attachmax Dolphin versions 2.1.0 and below suffer from remote file inclusion, information disclosure, and remote SQL injection vulnerabilities.
742ecc2ca9a40e8b5f9cc418dae1e8260fa65eb9c65347e223a0f1c863062b45Debian Linux Security Advisory 2146-1 - D. Fabian and L. Weichselbaum discovered a directory traversal vulnerability in MyDMS, a open-source document management system based on PHP and MySQL.
4b16d4bda7aa36476d5d4db1bf3af856ae66f6c98e5eec71b50bf5c706e059fdMandriva Linux Security Advisory 2011-011 - Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to card-starcos.c.
32f011a0e79d9f1674678ce07f5a9b3176f00a1e3488e3e311d5918e95c0136aDebian Linux Security Advisory 2145-1 - Andres Lopez Luksenberg discovered a buffer overflow in the OID parser of libsmi, a library to access SMI MIB data.
e78816eee8da8bbb98bc8e6fabaa42e0607c5711df3495d32c45fab2f9fb44dcMC Content Manager version 10.1.1 suffers from cross site scripting and path disclosure vulnerabilities.
3cc9cbcfa2a59681c7b07190cac097d52e9166477e4d4ce4697cfecf828bc3acMandriva Linux Security Advisory 2011-010 - Multiple vulnerabilities has been found and corrected in xfig. Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string some of these details are obtained from third party information. Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed.fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c. Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a FIG image with a crafted color definition.
09d1fc018db224e0d18827daac38a09a99348bd9d33232ed27421afb056fd732Gentoo Linux Security Advisory 201101-4 - A directory traversal vulnerability has been found in aria2. A directory traversal vulnerability was discovered in aria2. Versions less than 1.9.3 are affected.
a96901374636a32dd6142fbe6f125dd03eac614478c3edac6f8bbeb64e9759a9WiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router's models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).
a56eb4b141af2d150c59a58ef916eeaf440c3055e0d00be55e231ee87b419174ActiveX UserManager version 2.03 suffers from a buffer overflow vulnerability.
7344c9a560abd42a22a4cc35be99d1c995f3ce762e33c795af7e937e54679814Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys versions 2011.1.13.89 and below local kernel mode denial of service exploit.
1e25fc7a0416c984cca57aa50d30eec88a510d4ffb20b26d651889869528a98cJoomla People component version 1.0.0 suffers from a local file inclusion vulnerability.
ab08fd75d8d415a6c216137580a2a19102269404e5ad7a3b27b8efc49ef2b45fBetMore Site Suite version 4 suffers from a remote blind SQL injection vulnerability.
304337d27de031a364622f3d3f5d13ade3922bcba8851c298145163878f7aa36MeshCMS version 3.5 suffers from a remote code execution vulnerability.
754efa8ec8b57198d5ac326904d5e0ec20309c53331a21e5bd3b19b286e37deeThis is a mini PHP shell backdoor.
ce3727dee0bfe24748ff55a754c2baf9af611303b49bad0a39c00e4cafd407c3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed