3Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Various IMC pages are vulnerable to a reflective XSS attack, including the login page. Various pages also disclose information including the SQL sa account password which might be used to assist in carrying out further attacks.
14a0d934e67f92397613f7bba706a6ee6f5fb1c8d47058c1d6c0df0cd0fa51c23Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Procheckup has discovered that the IMC management console is vulnerable to an unauthenticated directory traversal attack within the reporting functionality.
6192a54caa6b9d2367e3f0145e14d891d023f72d8b43f7842e66482213d45191Spaw Editor versions 1.0 and 2.0 suffer from a shell upload vulnerability.
fd6851adc58463e2980f670e9152c7c1b3e285c27b0ef5da21ab4cc795487ee6Powder Blue Design suffers from a remote SQL injection vulnerability.
f88ad80d3b070ef32931f38792513fd459725bf11a7a196ec8e9e1e406eb9d4bUbuntu Security Notice 941-1 - It was discovered that MoinMoin incorrectly handled hierarchical access control lists. Users could bypass intended access controls under certain circumstances.
6fdc45ac83af063848eda9c9ba09c5494730f9723d6d3a644067f70e1019e4adDrupal version 6.16 with Ctools version 6.x-1.3 suffers from php code execution and cross site request forgery vulnerabilities.
02708ebc4a7031d1ab08b6893f5465c38bd939d369d6a4680693dddb7adbde18Renista CMS suffers from a remote SQL injection vulnerability.
5c0e0a9db04856d472a28b3b60d607011c1961348dbdc0f01f281cf1b8ef058eThe Joomla Horses component suffers from a remote SQL injection vulnerability.
297be885ffaf55e695b37dbcc4fce95e6baebf6c5f60e0a6de827852fd0991cdThe Joomla Toppinnovators component suffers from a remote SQL injection vulnerability.
5b357b8fd6a426932273c44b3d2feebe1f767641874897a17b5908145ab16333Yupana version 0.1rc1 suffers from local file inclusion and remote file inclusion vulnerabilities.
2a0c2bd1cdcdd93c2981605aa954d519e58b7064d432d6ff0661a3f3be8a318fThe Joomla State component suffers from a remote SQL injection vulnerability.
b92967cd5dbd911e7d3f770181c77813cf0270b3a03c12e3d55b2b6f318b0730The Joomla Table component suffers from a remote SQL injection vulnerability.
c228e769497e5f04c16276733f11f3f1fa1d4c8f2bb1a18c9924f7614f2e71d7webYourPhotos versions 6.05 and below suffer from a remote file inclusion vulnerability.
4f9b7b866bc3408d6fb4524ad7102bf6212ab20527a69c3a4e581a2cb5e62749Smart Douran CMS suffers from a remote file disclosure vulnerability.
bd0c8d16f0db26a6b515c42ce23cbfd05aabc23a18d8c23f90acdc5f9fb76a23Linux Mint 8 mintUpdate suffers from an insecure temporary file creation vulnerability.
35b1d7d42f1f78667bd097954ea4a8843de4e2fd5a8e6f5dcb9d5d0f7e05b58aAdobe Flash Player 10.0 allows local users to cause a denial of service (memory consumption and system crash).
6e2c47492df2b9bb6aec5b94b53dc412e6f5033b54ae426ce87658e1919aa69836 bytes small halt shellcode for Solaris/x86.
d5d6fd10681025e774acb6a47fdef2f21bd6b7ef2f94390eb37de881d98f7e97ComponentOne VSFlexGrid versions 7 and 8 Archive() method remote buffer overflow exploit.
a3f2c4d99a0f021f99d8f739fdc7ced80d7435e468a61de729349316ebfe9c2c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed