Both the bcoos and E-xoops DevTracker modules are susceptible to cross site scripting vulnerabilities. This affects bcoos versions 1.1.11 and below and E-xoops versions 1.0.8 and below.
56a4017c3ed128a7c52f8d1156b3dbe6dfd8db53e3a8f49bc12d1f2bc0a0032f
The Astrosoft HelpDesk suffers from multiple cross site scripting vulnerabilities.
00aaa7003b5c87c0f4cfeb8ed2f7c57eb1e3b09425bf786fa2a121fa15dd964d
The VHD Web Pack version 2.0 suffers from a local file inclusion vulnerability.
107242477b6b45e261592199e221ddc424dec6d7d5de2b30d2a4db308bea3c5a
XOOPS version 2.0.18 suffers from local file inclusion and URL redirection vulnerabilities.
8f42f84a90e90b1cae89742c4acbc0a7a2ba57af29dc3d16398f81bae0c7f29e
Txp CMS version 4.0.5 suffers from denial of service and cross site scripting vulnerabilities.
2fdd84f0f08dccc171b4b663b4751aba2d0763cf7b9d357f90d9a9c425e23b32
Secunia Security Advisory - Crackers_Child has reported a vulnerability in Domain Trader, which can be exploited by malicious people to conduct cross-site scripting attacks.
8c7fa91464b57e6e3ba54aa31a4c8218a0e2259fcbc75b449257a440503d9302
iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. The set-uid root "onedcu" command requires six parameters to be specified when it is executed. The second parameter is a "Trace" file that this program will open and write to with elevated privileges.
08217f2a8fc5c50d43f66264243c431eefac2ede9e8e0b4d147be9d0edb86f3e
iDefense Security Advisory 01.31.08 - Local exploitation of a file creation vulnerability in IBM Corp.'s Informix Dynamic Server allows attackers to elevate privileges to root. When the SQLIDEBUG environment variable is set, several set-uid binaries will log debugging information to the specified file. iDefense confirmed the existence of this vulnerability in IBM Corp.'s Informix Dynamic Server version 10.00 UC6TL installed on a Linux system. Other versions are also suspected as vulnerable. Versions for other supported Unix systems should also be considered vulnerable.
f2864fc19e93a164fbc79f6bd51e58cf26ac30861f82d244ac1f12a20cee48e9
Core Security Technologies Advisory - The MPlayer package is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers. The vulnerability is due to MPlayer not properly sanitizing certain tags on a FLAC file before using them to index an array on the stack. This can be exploited to execute arbitrary commands by opening a specially crafted file.
4f26f825d9d87a14dfee920c490ae23831e4808a1935ecb75aa6972cd2fc2274
Core Security Technologies Advisory - The MPlayer package is vulnerable to an arbitrary pointer dereference vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. The vulnerability is caused by the MPlayer libmpdemux ('demux_mov.c') library not properly sanitizing certain tags on a MOV file before using them to index an array on the heap. This can be exploited to execute arbitrary commands by opening a specially crafted file.
c3dbdf2e8f7ae8c5db2507b176551c4a741b53e50ee9905fe4920754fdc7507c
Openads versions prior to 2.4.3 suffer from a PHP code injection and execution vulnerability.
3b8e9656dab62e6fe6a16d9ba5b32ecb9895b49a521e943ff12d6cf3cda618ee
Ubuntu Security Notice 574-1 - A massive slew of vulnerabilities relating to the linux-source-2.6.17/20/22 packages have been addressed.
4791c2975b392758be35d2399e875fa6e7ae9cf6c243dde7c9208ac6888d87f0
MikroTik RouterOS version 3.2 and below SNMPd denial of service exploit.
deec328f872606cc602045ba08ceea2a7516fe053d90c1dd3fc9c4a1277392b7
The Joomla component Marketplace version 1.1.1 suffers from a remote SQL injection vulnerability.
686e153b1578666e4ba4af4dc09291614b3d05f889cbacf274d242fa406e195b
A-Blog version 0.2 remote SQL injection exploit along with cross site scripting vulnerability details.
922bf4173c518085e823debf3ad84ecc57159438ae9398e2bfb398d029a0ecf5
The Joomla component mosDirectory version 2.3.2 suffers from a remote SQL injection vulnerability.
37805967da811e0b19ed66de77c8ef31a9ffa943fc3031da2bd7eb9e9e2ee1ab
BlogPHP version 0.2 remote SQL injection exploit along with cross site scripting vulnerability details.
95f01f12bf124722fa39346748ea9142c02379baafd96611ad611cb561b4cae6
Sejoong Namo ActiveSquare 6 ActiveX buffer overflow exploit that makes use of NamoInstaller.dll.
8d978eb225a560ed7d9d1214029afb86ffb9d024fb978d9e284bad1e86281c9f
Facebook PhotoUploader buffer overflow exploit that takes advantage of ImageUploader4.ocx version 4.5.57.0.
42fb0f9d6161ea73e9064b8284554afa3a1f7b7af22a5e77cc3700b89c59e5d0
The Joomla com_shambo2 component suffers from a remote SQL injection vulnerability.
590177924d3973249ad8107726e4d6ca7fbdf62705925cfaa758523751436454
The Joomla com_awesom component versions 0.3.2 and below suffer from a remote SQL injection vulnerability.
f45385b0c5578f27e13d5afbf0a351c33bfab07412bbfd70e88c30094bcc9544
ITechBids version 5.0 suffers from a remote SQL injection vulnerability in bidhistory.php.
6f26a364d06a34a357aa9df1201e1a64c3ce83fcb9b8f8c644de381ae7f1038f
Anon Proxy Server versions 0.102 and below suffer from a remote buffer overflow vulnerability.
97fd7c6664457be72eb3c3a669e934a94f42cf05ec105a6f48c9e3c174e07f54
PHPShop version 0.8.1 suffers from a bypass vulnerability that allows for SQL injection attacks.
7309c78610fd7fd6493e7bed3f885c7a2c18a9b5f66070b89fabdf279a7aa29c
Yahoo! Music Jukebox AddButton() ActiveX buffer overflow exploit.
a3419039c882d33450d5327b6f52f73c0e91ae33be3c254256fa434a0d6d2d77