BannerManager version 0.81 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
aea6aa4dbb8994ea8477bf08ddab55051770c51d15f5af0d6918a996054dab87
The Drupal Taxonomy Theme version 5.x-1.1 suffers from a cross site scripting vulnerability.
910abd62192a62f24e88bd8e0a24cfaaf8cb8214622ef3b378fdbaa2fffeb0a0
B2C StoreBuilder Designer version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fa51b4993bde6586ddefb27d30d2cd895ad052d6a9e1abee9c1f110fa42f1964
C2C Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
26c54383f3359cebee5e2a313b183a67c9c3492997e2950912c749a5d0eb6e88
Great Shop Creator suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6de3dc3153d6f24cdc6ecf4a7979b0c6593849cd36cde3061b7abe03eeafc077
B2B Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c9558805f2dd77dba028f5f7daaa98860b465cbfb2edcc949b959c0bd7674d9d
B2B Forward Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4b22cd31fed84cc02f65397e8d44416253922aeb8e0be99aa45ea61a76764129
B2B Horizontal Marketplace Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4c9c43857cd8efdf4b5f9c0984291c17ab0ca9db33e62441a170cf4fd1e7a6e5
Webstore Creator version 5.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2725201b30dbf4082166f382ee2431a341093a1ed963482217f7be8b26e1c2ce
Shop Creator version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8058e49c016031a8374c47e76138711ac489a9f67b3e9de6aae19fbb385366d5
The APC PowerChute Network Shutdown's web interface suffers from HTTP response splitting and cross site scripting vulnerabilities.
0fe9b1c32be53fbaec5ec4b23eed1349673ecc3e1904b1eaa4ab65dae5480510
BitDefender Internet Security 2009 suffers from a cross site scripting vulnerability.
cbc5a5ad08caad0126f74533bccd87cddb09e4964c446d6f9c7869926c30f560
Coppermine Photo Gallery versions 1.4.20 and below privilege escalation exploit.
664c5dbfa4fa3bb018a571cf6aa4af6da853a09391cc118249632075e558ea51
RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r). This is the Windows version.
f022497c909f2ecac7423f7e947e171efec4ffa07a298f4c3eddecf1e1e2cb43
RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
2f24e716a3537b25670060337942d8a338ff5a70db034af44bd55233278f4d96
HP Security Bulletin - A potential security vulnerability has been identified with HP Virtual Rooms client running on Windows. The vulnerability could be exploited to allow remote execution of arbitrary code.
979deb610b559b21b38e2f1d0a764abeda421ae76be77098a02df1d85d2d96a5
Coppermine Photo Gallery versions 1.4.20 and below suffer from a privilege escalation vulnerability.
739ecd858f579860104ca119c8d8c4fc99f31707ac5a0d4f398f0440af9cc82c
Ubuntu Security Notice USN-724-1 - Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service (assertion failure).
17db4ecbf1f662f3b953bbbe5fc7c8cca2d92354678e2c89d0dc93dba754e149
This whitepaper describes a new technique for generating large WPA-PSK tables to be used for cracking wireless networks. The concept involves injecting malicious JavaScript code into large websites and forcing users' browsers to fetch data from the attacker's server, compute a PBKDF2 hash, and send it back. Under some conditions this can lead to the creation of a large, parasitic, distributed network used for effective hash computing.
99ac0d2cf309c8a7602c8208cff58c080f4c970d27b9330ea7289fcbb966d844
DesignerfreeSolutions Newsletter Manager Pro suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e4723a76542ee109cb1e2f7517e975257e8b71b0ee468dd3957e3d26cce42ca1
Mandriva Linux Security Advisory 2009-026-1 - phpMyAdmin suffered from cross site scripting, cross site request forgery, and SQL injection vulnerabilities. This update provides the fix for these security issues. The previous update packages weren't signed; this time they are.
cb03b4a7f45f173639487a0d4ba5713cd6777f5c6fad1c3fcf62282aa78368ca
Mandriva Linux Security Advisory 2009-057 - Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command option. NOTE: the severity of this issue has been disputed, but CVE is including this issue because execution of a program from an untrusted directory is a common scenario. The updated packages have been patched to prevent this.
84053efc1d16fb6b179a05f51bb8abc2f8d65bdafb3b9bdbbdd207d526c49ccc
The Drupal Viewfield module suffers from a cross site scripting vulnerability.
9267d6616d0fc1302d9d181ec6b74ad8e01e9cabecd66991e29d3020498227ff
Debian Security Advisory DSA 1727-1 - Two SQL injection vulnerabilities have been found in proftpd, a virtual-hosting FTP daemon.
47abce559e797db348b4d30522fc51cbae738bb95901abb7c97f0871b5df8ee3
Golabi CMS suffers from a remote file inclusion vulnerability.
4a8cf76b26d3c596d2e6a349ff1c9c509a40e4132df27d520db5f2b9b43dc755