Gentoo Linux Security Advisory GLSA 200506-04 - Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks. Versions less than 1.5.1.2 are affected.
f61dbef032c5de4d5067c727b8afd50ce72afc17eea903818ac81b5ab69e3936Gentoo Linux Security Advisory GLSA 200506-03 - Dzip is vulnerable to a directory traversal attack when extracting archives. Versions less than 2.9-r1 are affected.
2a247cf29c4e54401ad4c729e24d498c4420f757128f578b66f2be70e3b848b0Gentoo Linux Security Advisory GLSA 200506-02 - When GNU Mailutils is built with the mysql or postgres USE flag, the sql_escape_string function of the authentication module fails to properly escape the \ character, rendering it vulnerable to a SQL command injection. Versions less than 0.6-r1 are affected.
f143e45c52e133f525f50540e69f3125288b44eaaa9550dcbd43b1eb08643661LSS Security Advisory #LSS-2005-06-06 - Crob FTP server versions 3.6.1 and below suffer from various remote buffer overflows.
c87f455adf3a1de29ab1bbd59e257815a8b6261cf9e1c2be3b87a1d648f5b816LSS Security Advisory #LSS-2005-06-07 - Popper webmail is susceptible to a remote code inclusion bug in childwindow.inc.php that allows for remote command execution.
df5832afc053b6a437f0df4c9905733d31fb35594d529c89550ba0a5fb3cc1c2everybuddy versions 0.4.3 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
46adc67a1df5282b44714898566130942229e761b77d09b090172e0d9eb8a519LutelWall versions 0.97 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
419e4a6a72caaab54526ba5f7a714b611c277c831e9ef0d7195ebfcf33fc155bGIPTables Firewall versions 1.1 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
916ac1b2eb458387fa4004ef64b4ae9968c40a51fdd18dd87f5c944c4e66394aProof of concept exploit for a memory disclosure vulnerability that exists in FUSE versions below 2.3.0.
27cf06b929a25397727de580abced4cfcb5c502cb14f5b370aa41eedcc0983c8A memory disclosure vulnerability exists in FUSE versions below 2.3.0.
1617e02791e8e6f8f643c263484eb5e3ba6de5bf570af2a803a1c4ed05c3e96aLpanel versions 1.59 and below allows any logged in user to view any client invoice information.
ba72abecae267d0da639b879a342303d8add8096a27471231fc9f1eed84b92d1Lpanel versions 1.59 and below suffer from a cross site scripting flaw in viewticket.php.
5e4c07390eccf0934d7ca80e4ea095e742a6c852bdce2142063703df9a77a602Proof of concept exploit for the denial of service flaws discovered in Raknet network library versions 2.33 and below.
a793421ef9f819fbc81c31a54f6e79b4e215a1e8a246bddccaa9b325b54e133aRaknet network library versions 2.33 and below suffer from a server termination and endless loop denial of service vulnerability.
ab1b55c29cc8be2d8e9de8e4afc7515cbea37aa1837a30299faceb2c13727839Debian Security Advisory DSA 732-1 - infamous41md discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail. These problems can lead to a denial of service or the execution of arbitrary code.
1005b0538ef9725d5772e9e17747592bfda51d019fd5077e00a9b28c52168511The Drupal Security Team has found that the privilege system of Drupal can be circumvented in a very special case because an input check is not implemented properly.
f0dbedb768968931ebac535ca37bc4a6e5fc685740db2480bbd31599b8709b22phpBB 2.0.14 and below suffers from a lack of input filtering on the bbcode url.
c9646fa66fee2116417472c1e236a11c202a287351764d1e185085496bda775aSimple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data.
775fd1d04e6784cb43827f6833c3d84a21025eb24ec1d5d74d99f835e403ad60Exhibit Engine versions 1.22 and 1.54 RC4 are susceptible to SQL injection attacks.
0b665515ebf1a6d3f4ff65d163f00b8fc85eee73097a27635ba3efec9a549be8phpCMS 1.2.x suffers from an arbitrary file inclusion vulnerability.
04dd406024d58d3359604a12f1527b764eefa5071d43fc216473bbf1a65ecd0aLiberum Help Desk versions greater than 0.97.3 suffer from various cross site scripting and SQL injection flaws.
ae3bd0ffd9766b0ca2785b8a44477de717a158204014b0c3bca4a54a2df68d73Providing an attacker already has administrative access to CuteNews, they can further execute commands on the underlying filesystem due to a failure in sanitizing user input.
6a5ed6ba76c3e63a7ea028579605a3aee91cac0e914caae19f6608597b9a0f0cA backdoor exists in Fortinet's Fortigate firewall that allows for maintainer access.
7fbdd9343d15ed0177efb0134d8a05943dd2017b9ff8e661245d341fda81301bOllyDbg Heap Vis plugin that adds the Heap option under the View menu for Windows variants that do not have this functionality.
5454bf969a30b0d8be00ffc046fc55cb6e55002d02e964ec486f55dcdc3eeaacMultiple buffer overflow vulnerabilities exist in the HP Radia Notify daemon. Versions tested were 3.1.2.0 and 3.1.0.0. Detailed exploitation provided.
c57710ce4ce013e2bdbf66952de94185cf52b770928514767314d2bc8ad42192
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed