Netkamp Emlak Scripti is susceptible to a SQL injection vulnerability.
89b14bb41b6db98788e40f03d8fc3047cb99245f794eb3fa30c9bc6b2b7db1bf
Ohesa Emlak Portal is susceptible to a SQL injection vulnerability.
a3f8a7412f9eb1c696cf443bddce0e3b995c95732615ddf57512fd11f0343788
Ubuntu Security Notice 522-1 - It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service.
07593e231df1e5dc0f594139f370e808bd38529d8959b1b5b701f3d15f5be2e0
Debian Security Advisory 1378-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
0605e3e63d0b2b1a9ed33c2af397d4bac98e7c643acc8edde998a2b4b02aa190
This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and sends it to a logging server by creating an hidden iframe into G-Mail's page.
20de0e897ec70cae2d19020dbc28f0afb395ff11a21cf566e2d898f6373105e1
This script can be used to steal G-Mail's keychained password by injecting javascript into Safari. When executed it opens G-Mail's login page, reads the saved password and prompts it into an alert box.
d1666deab432edbc9e59a484712e616f3e4b12ccc20689e06d1d5c0bc471f7ea
Tor versions below 0.1.2.16 ControlPort remote rewrite exploit.
60b86debafefb6d4092a83ca2af33ae8129a47368aa7ce9d92ec93a733810284
mxBB module mx_glance version 2.3.3 suffers from a remote file inclusion vulnerability.
2452ced34c50af4690d62b6fe58791ab3b0d2ded240e907461225e7342a0a5da
Mambo component Mambads versions 1.5 and below suffer from a remote SQL injection vulnerability.
bc2e66c74f97bc49fce32b0cc68da588ed69741137f1b8c385c35065f452beb1
MDPro version 1.0.76 remote SQL injection exploit.
64eaf5d131bd08a7e3e3c5b3b5c444e628ed3dcb7fa505197104b5c034e53233
Zomplog versions 3.8.1 and below suffer form an arbitrary file upload vulnerability.
51229d2b0d699b76e2f2d85f2160f5d3f9583f5d8bec1e486329a2849f66fd41
Public Media Manager versions 1.3 and below suffer from a remote file inclusion vulnerability.
73c24490fa872998ce87aa181b956bc916cdd6b48ba86c301e654ff1fd49ae10
PhFiTo version 1.3.0 suffers from a remote file inclusion vulnerability.
6f201de717e60b3590a98f42735faca4702aa76c08b947c8b723f015079fc7ae
Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) Nmap scan into a file for later usage. Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice. Stripper supports stripping the Nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.
1a67ab5aaf2d8f6c3040cead6ca0ae4fd6fe5fee712ed7f7bd4f06ca75842110
Mandriva Linux Security Advisory - A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password.
282e85a63e64b85c7cc421aee20e564b2296562cd10fd53bc8702125c618ef7f
Ubuntu Security Notice 521-1 - Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user.
fedcc331c95208511c21b229acf97430edf70aba3923ab9b666e62fad87f864e
A vulnerability results from the Net::HTTPS library from Ruby versions 1.8.5 and 1.8.6 failing to validate the name on the SSL certificate against the DNS name requested by the user. By not validating the name, the library allows an attacker to present a cryptographically valid certificate with an invalid CN.
30fcafc5523a3be23deee577529d910574c4482ca24286ec62b4815b2b3dcf84