PHP-X-Links suffers from a remote SQL injection vulnerability.
471c6627ceb3b865126edd11e6db101be7ca8cc213380000c36458ee3e614839
WSN Links script suffers from a remote SQL injection vulnerability in report.php.
8df011c7700d0ac768739c6debb1d00b0a82f9032418f9dc0d9b6a7f14ebe125
Complete comprehensive archive of all 3,873 exploits added to Packet Storm in 2011.
d289b09b2825205652e7ba4a0699cb0f5cdf2934b07df28338628241fc0d2c82
This archive contains all of the 211 exploits added to Packet Storm in December, 2011.
9fd24271730a78dbe8efaf705cb5a777ad7e1b07dc3cb7e27645b61ce080a1d6
Mandriva Linux Security Advisory 2011-198 - Multiple vulnerabilities have been found and corrected in phpmyadmin. Importing a specially-crafted XML file which contains an XML entity injection permits retrieval of a local file (limited by the privileges of the user running the web server). Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs. Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Using crafted URL parameters, it was possible to produce XSS on the export panels in the server, database and table sections. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.
849717620dc582e004cf04bfa3adddb6224bed65bd3093ac4c8205f2f134c230
Siena CMS version 1.242 suffers from a cross site scripting vulnerability.
a64759cd57b5e55696506eeda6f87bec78f3bf067939ad5841341dc56d1584a8
PHP 5.3.x hash collision denial of service proof of concept exploit.
4fedb48a322a5c1cc6a37e6e8d60e449a09a49c804537bef9e115dec5fade8b1
KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.
63f6b4bc4339137a2e0815584ec2c392125bf6d3a2e797f3285be98719fd091b
jPORTAL version 2 suffers from a remote SQL injection vulnerability in comment.php.
efe333d0450c8e81702edfcdab372e51985d72c7a70fc7c87ed614810710f3f2
Jin Ware International version 1.2 suffers from a remote SQL injection vulnerability.
bd5f24e201a78392cff78e52639296472b6556c8f5718ef04d66dad422f9fc78
Readmore Systems suffers from a remote SQL injection vulnerability.
cf51c3e8ea81e500b799f8d6e5ea9899957bc7aa0ec560f06631910a469177c1
The WordPress LivePHP plugin suffers from a cross site scripting vulnerability.
3b0a6afe33657d2edff34bc2640000098c713937a181f6e468c84cd80b1e031c
WebSAT suffers from a remote blind SQL injection vulnerability.
fbad0add64eb1d6e2ff9a3afd95d68c86af09eaa1b3ec48d357767e6aefc8ac2
PHPB2B suffers from a cross site scripting vulnerability.
7de1ab8235d102b1c66110b132a9cf3c60f0eed781a87fbe5609eb418249a7a2
Lixar suffers from a remote SQL injection vulnerability.
c38756998752f6b74f15f91bdd60cb7959ebf595d0f6bfe9bb87460099174c67
Linux/x86 polymorphic shellcode that escalates uid/gid and adds user iph to /etc/passwd without a password.
c76ec179be82bd66c6ce5163485d57eea3d44050cf6f706dcc2af9eaea0200dd
ITMiddle suffers from a remote SQL injection vulnerability.
62bb1699dc62f67a9e50d9270822ef3e43806044d0cc99dc0ac0300ce9e1b6a9
wsCMS suffers from cross site scripting and remote SQL injection vulnerabilities.
34ae74bb916e433aa618f8b86d9a2583d3ad685697f6112e621c2e57725cae61
Debian Linux Security Advisory 2376-2 - It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used overly wide permissions on its PID file, which allows local users to kill arbitrary processes by writing to this file.
1f6cfd1dbcceedfde1aa46a1380d5bbcc45286102e4084bf6b7ccbcc281ee09a
IBM Lotus Notes/Domino server suffers from a remote denial of service vulnerability that can be triggered by a malformed TCP packet. Versions 8.5.2 FP3 and earlier, 8.5.1, 8.5 and 8.0.x are affected.
d16ac8bae9357e03ce32188da32c40d2f0354c626f5fe6e353dc33c6272859ae
All versions of Charybdis are vulnerable to a remotely-triggered crash bug caused by code originating from ircd-ratbox 2.0.
f1950463ae3bf4a8ac9d15c62208dc1561daa1cfe6ba3bf7ef6225851c71a752