BtiTracker versions 1.3.x and 1.4.x remote SQL injection exploit.
a303a466d545ad7babc5017b9a7cf61d60efa7e8a6989247c1371704ea996b7e
PHP Property Rental Script suffers from cross site scripting and remote SQL injection vulnerabilities.
2778bdd7de6a5d418c8710dfa25599359591847abf02536c1ad0e1bda7c2c2da
McAfee UTM Firewall firmware versions 3.0.0 through 4.0.6 suffer from a cross site scripting vulnerability.
d74a18c2c94d3ec9137055c30cb90322d16fe5992676d7772281967380bf88d1
iDefense Security Advisory 06.07.10 - Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Google Chrome browsers to parse and render web content. The vulnerability occurs when a certain property of an HTML element with a caption is reset via JavaScript code. When this occurs, a C++ object is incorrectly accessed after it has been freed. This results in an attacker-controlled value being used as a C++ VTABLE, which leads to the execution of arbitrary code.
7f0b35ab69f037cbb614d26e6d3fd5861195f53934838f0c776b12a6277459d6
Yamamah version 1.0 suffers from remote SQL injection and source disclosure vulnerabilities.
7f381d2cc40c9842b0225b81726832eeee216ec8cd1487ebee72cd25b9ffb632
Debian Linux Security Advisory 2058-1 - Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives.
a3e6451fc8bc3981f5bacfe1586c02bc17698e70155ea54426f4c30b9fb42d4b
PHP Real Estate Script suffers from a remote SQL injection vulnerability.
28349e30822914438945263354e3de54e9a9f947e885f0b70c351fec8b2c3e53
Joomla JNewsletter suffers from a remote SQL injection vulnerability.
b848d2bb41577997d4d1ec3564338c80285031964c6c534815031d2c8b0eabfb
The Joomla JStore component suffers from a remote SQL injection vulnerability.
1b9fed18bd513cdc4c6185ed547fa899ad82bcb2e7a51b9b74a14d6af94230e0
The Joomla JTickets component suffers from a remote SQL injection vulnerability.
a71cf13b034150413e519368e74314020ff72ba7efc30fc560d4b8df6ff8e761
The Joomla JCommunity component suffers from a remote SQL injection vulnerability.
1a276d21df410305399143ce5742e69b6f4590c7da8fdd599f5ca31157f347eb
The Joomla JMarket suffers from a remote SQL injection vulnerability.
13e5a1dae13927397421f69cd4fffb2a19bb2e32b8e6b5ce407db0449d3c7f8d
The Joomla JSubscription component suffers from a remote SQL injection vulnerability.
7c07a046b6f5e733b04f067f8f79b46a3928a509463666277d65e20022721aff
Science Fair In A Box version 2.0.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
a6ac0ad3442bf669997888dfb000a0e9f6d03b3e60a02158a924fe613d830204
DMXReady Online Notebook Manager suffers from a remote SQL injection vulnerability.
b75e7d5e73e295710249003c316af1b8094680c2f8b2cacfb4ab6f9c457cc4b1
CA Technologies support is alerting users to multiple security risks with the PSFormX and WebScan ActiveX controls previously available from the CA Global Security Advisor site. Multiple vulnerabilities exist that can potentially allow a remote attacker to execute arbitrary code.
0b049ea0898a69371cc5cc8a26e73e66c53c04571db9692f5331ddf978382a43
This vulnerability allows local attackers to execute arbitrary code in kernel space on vulnerable installations of Sophos Anti-Virus. Local access to the system is required to leverage the vulnerability. The specific flaw exists in the handling of the system call NtQueryAttributesFile by the filter driver savonaccessfilter.sys. Due to improper handling of parameters to the function, pool corruption can occur in kernel space. A local attacker can leverage this to execute arbitrary code in ring 0.
fdbd68ea6a72bd82b979a735c87645b3df846a705d606712fa1d183fd49b65d4
The Joomla 1.5 Jreservation component suffers from cross site scripting and remote SQL injection vulnerabilities.
e3fa6ab5056fb381d1c8aceaf5e673147516db269fd31a1d06aa71c9308a1762
Cisco Security Advisory - The Cisco Application Extension Platform contains a privilege escalation vulnerability in the tech support diagnostic shell that may allow an authenticated user to obtain administrative access to a vulnerable Cisco Application Extension Platform module. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.
0e31b5cced53f1606ef7a92a5481936228c7e744a4ff55482fc5dc8a106d5009
Cisco Security Advisory - Cisco Unified Contact Center Express (UCCX or Unified CCX) contains a denial of service (DoS) vulnerability and a directory traversal vulnerability. These vulnerabilities are independent of each other. Exploitation of these vulnerabilities could result in a DoS condition or an information disclosure.
2e9d26de5de13da08777e85886bdc51ea7f29ecc7d2b7b247e063e9adc32cbba
Secunia Research has discovered a vulnerability in Creative Software AutoUpdate Engine 2 ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in a callback function used when handling the "BrowseFolder()" method. This can be exploited to cause a stack-based buffer overflow via an overly long string argument. Successful exploitation allows execution of arbitrary code.
1a040ae272823bb9fc4aa52549e6a4a529563663d6e0d78a153410b3c765b0cf
Whitepaper called Windows 7 x86's !nt scandown method on ring 0 (kernel ASLR bypass).
994892439593cb52c2e03c9f0a5f96250c600c86d4129d2a387921796c135522
Virtual Real Estate Manager version 3.5 suffers from a remote SQL injection vulnerability.
0cc7bee4aff7a875e63724cc4e2071c4f3ad42fcdfd45f4f3ed31f449d272afa
Web Wiz Forums version 9.68 suffers from a remote SQL injection vulnerability.
cb61077a58fef8247302f432dd5e1a91eb8decb730a9c226300942856fb69a8f
Plume CMS version 1.2.4 suffers from a cross site request forgery vulnerability.
57994f64a7a355285726e29a4a40b8c3c4bd364fda9396d7dd2f94b2537489c2