what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2012-04-20

Kaseya 6.2.0.0 Cross Site Scripting
Posted Apr 20, 2012
Authored by Mark Lachniet | Site foofus.net

Kaseya version 6.2.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 94d46d5b3ff9db9a3a7f354e7050e4cc448060e16567639091a8d43d990d8735
HP Security Bulletin HPSBMU02764 SSRT100827 2
Posted Apr 20, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | linux, windows
advisories | CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192
SHA-256 | 309e442bfe4de81d1da4a903beb9bb3ce130e05b0ec3c99ada2e50debacf94af
MiPagina CMS Cross Site Scripting
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

MiPagina CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9d02b5fadff60d5759cdfde9e6ed0b64cf47938e2d8a58757a12df221c5e7f03
Script-KS CMS 4.0.2 Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Script-KS CMS version 4.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d486076affece3df4f59f5938f415775d25833b0d77deadbab0379fc53080d46
JA-Programacao CMS Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

JA-Programacao CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 30075956396468eb5fde71170a88235f03609972eceff0ec3138e93c29c746f5
Trend Joinery SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Trend Joinery suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a23643f86107ed4aa0e0abc338fff70496818785b962346a4e4027797827fc0a
Waylu CMS Cross Site Scripting / SQL Injection
Posted Apr 20, 2012
Authored by the_cyber_nuxbie

Waylu CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d27e4b5658eeaa6cb130c03ce140d393a29ff040c8f573e35a7cb95d41b34aa9
Liferay JSON Request Control Takeover
Posted Apr 20, 2012
Authored by Jelmer Kuperus

Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.

tags | exploit, web, proof of concept
systems | linux
SHA-256 | 52363e44fb0da67d9da2ef19c482ca115b0e60ea50da8776e953b5d028b5ea91
Owncloud Account Overtake / File Upload Code Execution
Posted Apr 20, 2012
Authored by Lukas Kupczyk | Site metasploit.com

This Metasploit module exploits several vulnerabilities in Owncloud 3.0.1 and earlier in order to achieve code execution.

tags | exploit, vulnerability, code execution
SHA-256 | 87b1af29e5351deb33c45527fe16c1c06e1dec6811c24b89956b28dfd2e2b93b
Ubuntu Security Notice USN-1400-5
Posted Apr 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1400-5 - USN-1400-1 fixed vulnerabilities in Firefox. Firefox 11 started using GSettings to access the system proxy settings. If there is a GSettings proxy settings schema, Firefox will consume it. The GSettings proxy settings schema that was shipped by default was unused by other applications and broke Firefox's ability to use system proxy settings. This update removes the unused schema. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0455, CVE-2012-0457, CVE-2012-0456, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0462, CVE-2012-0464
SHA-256 | 07e1cf6fd8987b086263aacb60563d76b5fd0d0116bf4c2083136d6fc4896fd2
Debian Security Advisory 2455-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2455-1 - Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2012-2112
SHA-256 | 47c42962916e4199be3819f88b30e724d5de0dc112811ab11be528a7445fd133
Debian Security Advisory 2454-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2454-1 - Multiple vulnerabilities have been found in OpenSSL. Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack (MMA). It was discovered that a NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to denial of service. Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2012-0884, CVE-2012-1165, CVE-2012-2110
SHA-256 | 825c0a8ae8ea8fbf2a20faf45cd58f27b84d9a4a1fa4c787cb05063d8a84342e
Vermont Web Design SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Vermont Web Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | df0a4f4d910164bf6222aaea80a1419b254f1e39809f15338b5af3c612bceef1
Secunia Security Advisory 48927
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Download Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 21c5c47de8c72653177f65ab6af5cc82467a8b1be235930dff2d4911ca3bb43c
Secunia Security Advisory 48904
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ReadyDesk, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | db69da7634774c7d34b6d0f9da83a9ad4c9d93e03f550b057209111e2ea4a086
Secunia Security Advisory 48856
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - luks has discovered a vulnerability in ownCloud, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 4be4fd05355b9bb508b48d89562fb04ac2962ce4d4025a666662151a53965451
Secunia Security Advisory 48857
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle BI Publisher, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 8cf1bcb5d2730d1a3057ee5066232ff2f2605a89ea1190e31f481827cfdd6269
Secunia Security Advisory 48882
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to disclose potentially sensitive information, manipulate certain data, and compromise a vulnerable system, and by malicious people to manipulate certain data.

tags | advisory, local, vulnerability
SHA-256 | ea141f72621fcdfedbdd4989709343ddfce2384857ccaa15c89fb90ce3c00efb
Secunia Security Advisory 48877
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Human Capital Management, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
SHA-256 | 8a6a90a23ae76e2eb39075f0588093d23a80a72cb05cea6b6cbef06e7af83c5c
Secunia Security Advisory 48858
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager Connector for Database User Management, which can be exploited by malicious users to manipulate certain data.

tags | advisory
SHA-256 | 5d4de1b8bdc2499c7b5da4f6ca7e8e1bd88337b6b5bc4484cffdd204af8ee9a3
Secunia Security Advisory 48826
Posted Apr 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Grid Engine, which can be exploited by malicious, local users to gain escalated privileges and by malicious users to compromise a vulnerable system.

tags | advisory, local, vulnerability
SHA-256 | 9876c7286369b683052754c182e524ef1469ad87f1cbed3c1a7af87e306f915b
Gilbert Life SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Gilbert Life suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 185a8845c7068f68e5c9a9498777f28fb2f62d57b17786b5199b27566a8701fa
Park Road SQL Injection
Posted Apr 20, 2012
Authored by Th4 MasK

Park Road suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 30cbce2f949fe51664142fd4f95a2c1a0e3769f1081c52f9b25692a7b0c5afe0
OpenSSL Toolkit 1.0.1a
Posted Apr 20, 2012
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Overflow in asn1_d2i_read_bio has been addressed. Various other updates.
tags | encryption, protocol
systems | unix
advisories | CVE-2012-2110
SHA-256 | d3487e09d891c772cf946273a3bb0ca47479e7941be6d822274320e7cfcc361b
OpenSSL ASN1 BIO Vulnerability
Posted Apr 20, 2012
Site openssl.org

A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio. Affected users should upgrade to OpenSSL 1.0.1a, 1.0.0i or 0.9.8v.

tags | advisory
advisories | CVE-2012-2110
SHA-256 | 19a189a52d6c63bf422db1606db5993ec020026350a0b59f7242e863b2d619ba
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close