Baby Gekko CMS version 1.1.5c suffers from multiple stored cross site scripting vulnerabilities.
a5fcee0693b218f40f4f7c0aa125ca42007c1ffa22f03debf065e8b9580c5c8a
HP Security Bulletin HPSBMU02772 SSRT100603 - Potential security vulnerabilities have been identified with HP System Health Application and Command Line Utilities for Linux. The vulnerabilities could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.
a11cec1f54e2ccb6940e0cf1e7cde2c13cec9a796ade7a2fbe12582e12bf5e42
Drupal cctags third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
11ecbee9842079b4c09e2b8895b9e82e8b925e6afe795af24ad7e05b1025e56c
Drupal Glossify Internal Links Auto SEO third party module version 6.x suffers from a cross site scripting vulnerability.
23a814bf3a31bf4c83ad7c8f343361d4794c4001adf51ccff631fe79bc2f5025
Mountain Internet CMS suffers from a cross site scripting vulnerability.
a0ebdd1897f480406d77bf3d27e6512ca37018a17a42b8dd88abe90dae8c9c1d
Drupal Taxonomy Grid third party module version 6.x suffers from a cross site scripting vulnerability.
fbff5b269285635ebdc10ce14a8c7ce6b2926823f90e0bfe9d1188ccd2221fdf
PluXml version 5.1.5 suffers from a local file inclusion vulnerability.
26c5a372be4cf48f468c1c17e864bc22d6cec2cad46f16e902f320e117bb19d4
HP Security Bulletin HPSBMU02771 SSRT100558 - Potential security vulnerabilities have been identified with HP SNMP Agents for Linux. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS) and URL redirection. Revision 1 of this advisory.
15d58aa5dd1c33de68bbee8deda84faaca26f4efdfc34427ec0cedb0a0bf98e9
Drupal Addressbook third party module version 6.x suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
7994d736cf2e91b7252f62a8db4cd765bb6acd7196b0616a1b30cfe7d01070c4
Drupal Node Gallery third party module version 6.x suffers from a cross site request forgery vulnerability.
8da028cf40bb77bea6c4ba79b38b8ffd73eb6ca126bfae05eed9608c401f9f8f
HP Security Bulletin HPSBMU02770 SSRT100848 - Potential security vulnerabilities have been identified with HP Insight Management Agents for Windows Server. The vulnerabilities could be exploited remotely resulting in cross site request forgery (CSRF), cross site scripting (XSS), URL redirection, unauthorized modification, and Denial of Service (DoS). Revision 1 of this advisory.
1a187ac2c37a3636dcd170dae015d6bfd3eadef2a9c915970b3725a3b7906c3e
RedTeam Pentesting discovered a cross site scripting vulnerability in the PHP markup parser Decoda. This allows attackers that should be restricted to the markup supported by Decoda to specify a JavaScript event handler for an iframe tag. Depending on the usage of Decoda, this allows attackers to execute JavaScript code in the context of other users in a web application that uses Decoda. php-decoda versions 3.x prior to 3.3.3 are affected.
0809902db089eb0df1163122682d8bc8ca2488799ded80ca16a612d297dc5dbe
iGuard Security Access Control System suffers from a cross site scripting vulnerability.
24b9c8cc1d940131259d279e7193df2a302d03fcd5506ba23c31b32384f56d59
ExoPHPDesk version 1.2.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
bc686aa635201f14247dc246ac28bf215ac17cb4d6b29a73397658378a20ab02
Microsoft Windows XP Win32k.sys local kernel denial of service exploit.
5939e46389ff26a365dfe48334d589afc7e6280a2ffb67f3d76e85c7aebbee84
Debian Linux Security Advisory 2463-1 - Ivano Cristofolini discovered that insufficient security checks in Samba's handling of LSA RPC calls could lead to privilege escalation by gaining the "take ownership" privilege.
65c8de9a46a2e00007a474ced85b5cba1598c033fe88ece3b0f770eacd08ccf7
Ubuntu Security Notice 1436-1 - Matthew Hall discovered that Libtasn1 incorrectly handled certain large values. An attacker could exploit this with a specially crafted ASN.1 structure and cause a denial of service, or possibly execute arbitrary code.
cacfb0513c2cb7eaf9dfbfe2340bef9d7ab9785a3259c68abb05b1c3ff3884cb
OpenConf versions 4.11 and below suffer from a remote blind SQL injection vulnerability.
c5f3f19deddb42342d8deb8e48d175329bb1255f6a39dd164fe1fb4bb1d6da10
oclHashcat+ is an advanced GPU hash cracking utility that includes the world's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. It focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 32-bit version.
619a15cfcb80ab0c595c05dd9771cef8edb986716110df6007e589fb9313db05
oclHashcat+ is an advanced GPU hash cracking utility that includes the world's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. It focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 64-bit version.
216e918ae767ffdc89f9582d7d8b22672195a20158c9d05a9d674edb52ea5325
This archive contains all of the 310 exploits added to Packet Storm in April, 2012.
0778b4690ac03dc41af7421cff62de5b9c7dc634628983345be2df57bb00b38e
Mandriva Linux Security Advisory 2012-067 - A vulnerability has been found and corrected in Samba. Security checks were incorrectly applied to the Local Security Authority CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database. The updated packages have been patched to correct this issue.
5f9ef2fb4ce07337eae1fc8802fa79e87131f41b978c0ac1c5f1935f596f3235
Symantec pcAnywhere versions 12.5 and below are vulnerable to remote code execution. A flaw exists in the authentication component listening on TCP port 5631, which does not sufficiently validate user-submitted data.
534ae58b85b416fd3014155bc1e9ede4be561699212190b743baf7a76964e41f
Symantec pcAnywhere suffers from an insecure file permissions vulnerability that allows for local privilege escalation.
33997bb51755dd9bf99f53ef0cdc9918dbf0a6168c5c6e325055dca848b578f7
Whitepaper called Reverse Engineering Malware Part 1.
36dd2e02c332eee7ad1b0a13487a9cc66d5bcca061c99f0a07d0ec1b39863a5f