Small write-up discussing various issues with T-Mobile's site and security.
c85f78d5b785a5673ec6319cd4e213024eb515189ce4bd1e9c0abf0e8a0c23cc
Bensi Okul Portal suffers from a cross site scripting vulnerability.
7cdde2c9a60c31799fd1e32a97d1c480dc8ecc288ae29cd5a7616b5154cac007
Escort Agency Script suffers from a remote SQL injection vulnerability.
53d6a77e808c03ffe1dd7998c91200771d2b95d712ba2774b7e23c53635e0eed
Import address table (IAT) hooking is a well-documented technique for intercepting calls to imported functions. However, most methods rely on suspicious API functions and leave several easy-to-identify artifacts. This paper explores different ways IAT hooking can be employed while circumventing common detection mechanisms.
7fc4f73e8ce5a00253ddb8deff3d09da7612ebbcf819c8a3ae17075fced2702e
Adium versions 1.4.2 and below suffer from a cross site scripting vulnerability.
0bc772b94e276215873af7b4736035264927370480ad0412051e68b6bc0c92b5
The accounts.zynga.com site suffers from a cross site scripting vulnerability.
cb844ad91bec5e440dbecccfc1b6571b8785726efc82a33375e8e1d1399bd7c6
A 3rd party application may exploit Android's Browser URL loading process in order to inject JavaScript code into an arbitrary domain, thus breaking Android's sandboxing. Versions 2.3.4 and 3.1 have been found vulnerable.
e69e53a920a455ea417e80477c2fab5c49deede7cf7c53b2cbeaf6c9493d8670
Gilnet News suffers from a remote SQL injection vulnerability.
5dd5489ea9083aa1805d804f552978306d2eaf6a5ceb229ff73190eb77b27988
MyBB MyTabs suffers from a remote SQL injection vulnerability.
f18c152cd26a147af425278fc655c37acf5fca20b7b0c6bd2224a57c6c268e2b
The Joomla Astra component suffers from a remote SQL injection vulnerability.
e1d0a46ab500ffbefc85f2574a3ea101bf3f764f8c9331dbfe352339c9f3b35a
mt LinkDatenbank suffers from a cross site scripting vulnerability.
966d22be00b25225059e4442ff11ea8de508b66d1b93161ddd97eda0f3312cae
MC LinkList version 1.3 suffers from a cross site scripting vulnerability.
194edb048e10601bd4c9699a255c55ae73d21849cc46f428fc9a8e1a8194b00e
Byethost Cpanel suffers from a cross site request forgery vulnerability.
ab7232e1a064b6353a804d935d08d59ec6886f0915f9232a0c789f414704a465
This Metasploit module exploits an information disclosure vulnerability in the CA Arcserve D2D r15 web server. The information disclosure can be triggered by sending a specially crafted RPC request to the homepage servlet. This causes CA Arcserve to disclose, in cleartext, the username and password used for authentication. This username and password pair are Windows credentials with Administrator access.
7c8e30e3bf5a9fd18f843efebdc225b819266ca4ca82d428c51238a4afa9d1c6
Title Web Solutions suffers from a remote blind SQL injection vulnerability.
a992096f062e8e0ccc87053211f712fd805a4a1c1d10c912fc6dcde93822ecb9
phPhotoGallery suffers from a remote SQL injection vulnerability that allows for login bypass.
d92b28488cc5a06f734a33138136af2d15351d6492877ff0ff78dab88cd9435a
Ataccan E-Ticaret Scripti suffers from a remote SQL injection vulnerability in index.php.
62d7f7f57209ed9e6c3e4369c35e627bc5d1d887b563e5db301d369057e4432c
Online Yemek Siparis Sistemi suffers from a cross site scripting vulnerability.
03542a9082391b7ff5ad91f0d2087f11c93bf10e0399a7c1bba9bd2695f0ea76
Powered By Website It 2009 suffers from a remote SQL injection vulnerability.
af8a04a7e9b4a3368dd5b608444e9c45f90f63560206460c85fe3f47ab84d30c
Secunia Security Advisory - SUSE has issued an update for libapr1. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
06036105b03f88048c039ab831d8192719d882c8c74d9b6f57c5dd5187b8ed18
Secunia Security Advisory - Rosinei Muniz has discovered a weakness and a vulnerability in Crafty Syntax Live Help, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
bde05a8bf9506fcc2f15537ad465d7cdf93257025d70c5d9260e2aac68916dc8
Secunia Security Advisory - Fedora has issued an update for mapserver. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and potentially compromise a vulnerable system.
56272282c668afe6e2117b5ab559cff45bb7f2f799de003825e9b14fad6d0c16
Secunia Security Advisory - A vulnerability has been discovered in the MyTabs plugin for MyBB, which can be exploited by malicious people to conduct SQL injection attacks.
2ba1d7b9bf6e32054965d02c8d3fba42bf51328eb78e8e2da9e5f9c25f6c5cf3
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Novell ZENworks Handheld Management, which can be exploited by malicious people to compromise a vulnerable system.
9cafab65ee75396a929446fadcd4bdfa05fd8c60edfee47831160a8a8842f9c4
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), conduct session hijack attacks, and potentially gain escalated privileges, by malicious people to cause a DoS and potentially compromise a vulnerable system, and by malicious people with physical access to potentially compromise a vulnerable system.
ad4f76f2ffc6813765043639b53d110cfad9d60a0d1d93e492536557cb1632b4