I-Rater Basic suffers from a remote SQL injection vulnerability in messages.php.
f44d02801233ab4da9be2c297e974ff8733001a42f220d261f2134ba08f7f66b
Injader CMS versions 2.1.1 and below suffer from a remote SQL injection vulnerability.
6f746f14cd77dd76c645a78e171cbe64969d6dffc65ff4330f051ae73e04c6d7
Calendar Script version 1.1 suffers from an insecure cookie handling vulnerability.
f6d5f922b49a0d67a88b3262aad7cc20a28e7d0e1b8a898d01f0ab9e039d9932
This vulnerability was originally reported to the Apache Software Foundation as a Tomcat vulnerability. Investigations quickly identified that the root cause was an issue with the UTF-8 charset implementation within the JVM. The issue existed in multiple JVMs including current versions from Sun, HP, IBM, Apple and Apache. It was decided to continue to report this as a Tomcat vulnerability until such time as the JVM vendors had released fixed versions.
e900270f78788247830b00a35c41b325144bc065b616b71c79bd1ef3ec0ed86b
2532|Gigs version 1.2.2 Stable remote command execution exploit.
fa507c5f0a6702fdea43c9fdbb7c6d97de817d690a4c40efad1278c99431ec90
2532|Gigs version 1.2.2 Stable suffers from a remote login bypass vulnerability.
b92ec05691fb7744af74baaf967dbd0f4466361097ed62af77aef12cd8311c26
2532|Gigs version 1.2 Stable suffers from file upload and local file inclusion vulnerabilities.
d688d779c939c82a7773e68bd0a2bddfbc496db9d1ed2b3c0eaa7e19352d8d08
WordPress version 2.7 password hash attack tool.
30d6307236524b8d061f1e23c91bfcbdbb9a483afabb89d74266758f3be6f94f
E-Smart Cart suffers from a remote file upload vulnerability.
2ff28932cfa6530d4666dbddcb94ca50c9cafc75391839f75c0819f2c45c47dc
E-Learning Portal suffers from a remote file upload vulnerability.
609154c940f4bb4bf338ad2f70a946a0fa0d92fde680b41ac37696ea261a9ddd
Sun Solaris suffers from a SIOCGTUNPARAM IOCTL kernel null pointer vulnerability.
a891f595f6f13435a2f5b8eb4f88c409b8f3d63c0a46587d1d8311e4fb22ed15
EasySiteNetwork suffers from a remote SQL injection vulnerability in joke.php.
db8af0d393b805d4f9c3258d7ab0a043c8e62000fde5de1d878914e0f5dd91fb
JASniff is a small, handy graphical Windows TCP/UDP/ICMP packet sniffer. This tool will be embedded in the MSF-XB exploits development platform soon. Full source and a binary are included.
6b72a88cfe89a5313587d5fba7cc23c2b8067328f13b9efe6198926a12e185e5
Mini File Host version 1.x suffers from an arbitrary PHP file upload vulnerability.
5a8e464621c704590941b30390c8a4f5bb92779dbc65d524f377ff4ff6a52920
QuickerSite Easy CMS suffers from a remote database disclosure vulnerability.
82034aa234a2d6b85c8be84b138d50bf1d40c22abcb6ebcce8b351e72923416d
TinyMCE version 2.0.1 suffers from a remote SQL injection vulnerability in index.php.
bda6d2af696f540ec0f9fd474555d489de9daf79fd1934ddc2b39f66d440b152
The Joomla Tech Article component version 1.x suffers from a remote SQL injection vulnerability.
74a9b7ed27c83f47b6ba4fa73482cff27e6bf2450f91c5c18e0cfa0113bccace
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
501c715144fbfe9b3cd17ab20de171782c8bdf2823ddadb991cb1bc4a252bbaa
Lizardware CMS versions 0.6.0 and below blind SQL injection exploit.
b189ae58bf078dce2b8316b9eca3b50f29d138a3017092b935e9934de369e28b
r.cms version 2 suffers from multiple SQL injection vulnerabilities.
dd1b2f42181c15daf01651d6862ed52aabee2271bfb2fcd43a19affde8cf42b4
sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL SELECT statement, read specific files on the file system, and much more.
fd47be9ac455b207a54a975f54d8a5e80fbc48844992b666e5c976e55a1f96d7
Mandriva Linux Security Advisory 2008-245 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues.
8e8a124d3442c7f7e103e33992e5c8bfc960102e2339c8903eed555f5a12867d
Ubuntu Security Notice USN-695-1 - Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation.
24c7617bdfd0890f4289a1db8b2fa6d9dddddd879bc7d8f43b46de458e0d9f93
Ubuntu Security Notice USN-694-1 - It was discovered that libvirt did not mark certain operations as read-only. A local attacker may be able to perform privileged actions such as migrating virtual machines, adjusting autostart flags, or accessing privileged data in the virtual machine memory and disks.
fde4991571a0af53b9e549fc4264b639d09bf22a7da9e0cba9e83a0705496305
Ubuntu Security Notice USN-690-3 - Several flaws were discovered in the firefox browser engine.
7cd6de3e24fa478d5f29d6ca1ebe9883eeea6fd0f297d074dcac90ac0ee11ef6