LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)
2011-04-07 by_argos hotmail com
1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) - Local File Include Vulnerability

XSS Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)
2011-04-07 by_argos hotmail com
1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package) - Cross-Site Scripting Vulnerability

Directory Traversal Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)
2011-04-07 by_argos hotmail com
1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) - Directory Traversal Vulnerability

LFI Vulnerability in 024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)
2011-04-07 by_argos hotmail com
1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) - Local File Include Vulnerability

XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta
2011-04-07 by_argos hotmail com
1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package) - Cross-Site Scripting Vulnerability

phplist: cross site request forgery (CSRF), CVE-2011-0748
2011-04-07 Hanno Böck (hanno hboeck de)
phplist: cross site request forgery (CSRF), CVE-2011-0748
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748
http://int21.de/cve/CVE-2011-0748-phplist.html
Description
phplist is a mailing list software written in PHP. Up to version 2.10.12, it provided no protection against

O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF)
2011-04-07 Hanno Böck (hanno hboeck de)
O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF)
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1482
http://int21.de/cve/CVE-2011-0746-o2-router.html
Description
The default DSL router shipped by the german company O2 is completely

HTB22916: XSRF (CSRF) in phpCollab
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22916
Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_phpcollab.html
Product: phpCollab
Vendor: phpCollab Team ( http://www.php-collab.org/ )
Vulnerable Version: 2.5 and probably prior versions
Vendor Notification: 24 March 2011
Vulnerability Type: CSRF (Cross-Site Req

HTB22917: XSS vulnerabilities in phpCollab
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22917
Reference: http://www.htbridge.ch/advisory/xss_vulnerabilities_in_phpcollab.html
Product: phpCollab
Vendor: phpCollab Team ( http://www.php-collab.org/ )
Vulnerable Version: 2.5 and probably prior versions
Vendor Notification: 24 March 2011
Vulnerability Type: Stored XSS

HTB22920: Path disclosure in Viscacha
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22920
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_viscacha.html
Product: Viscacha
Vendor: MaMo Net ( http://www.viscacha.org )
Vulnerable Version: 0.8.1
Vendor Notification: 24 March 2011
Vulnerability Type: Path disclosure
Risk level: Low
Credit: High-Tech

HTB22915: Path disclosure in Joomla
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22915
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_joomla.html
Product: Joomla
Vendor: http://www.joomla.org/ ( http://www.joomla.org/ )
Vulnerable Version: 1.6.1
Vendor Notification: 24 March 2011
Vulnerability Type: Path disclosure
Risk level: Low
Credit: H

HTB22919: Multiple XSS in Viscacha
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22919
Reference: http://www.htbridge.ch/advisory/multiple_xss_in_viscacha.html
Product: Viscacha
Vendor: MaMo Net ( http://www.viscacha.org )
Vulnerable Version: 0.8.1
Vendor Notification: 24 March 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit:

HTB22921: SQL Injection in Viscacha
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22921
Reference: http://www.htbridge.ch/advisory/sql_injection_in_viscacha.html
Product: Viscacha
Vendor: MaMo Net ( http://www.viscacha.org )
Vulnerable Version: 0.8.1
Vendor Notification: 24 March 2011
Vulnerability Type: SQL Injection
Risk level: High
Credit: High-Tech Bri

HTB22918: Path disclosure in phpCollab
2011-04-07 advisory htbridge ch
Vulnerability ID: HTB22918
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_phpcollab.html
Product: phpCollab
Vendor: phpCollab Team ( http://www.php-collab.org/ )
Vulnerable Version: 2.5 and probably prior versions
Vendor Notification: 24 March 2011
Vulnerability Type: Path disclosur

SEC Consult SA-20110407-0 :: Libmodplug ReadS3M Stack Overflow
2011-04-07 SEC Consult Vulnerability Lab (research sec-consult com)

[USN-1106-1] NSS vulnerabilities
2011-04-06 Micah Gersten (micah canonical com)
Ubuntu Security Notice USN-1106-1 April 06, 2011
nss vulnerabilities
https://launchpad.net/bugs/741729
A security issue affects the following Ubuntu releases: Ubuntu 8

[USN-1107-1] x11-xserver-utils vulnerability
2011-04-06 Marc Deslauriers (marc deslauriers canonical com)
Ubuntu Security Notice USN-1107-1 April 06, 2011
x11-xserver-utils vulnerability
CVE-2011-0465
A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS

[SECURITY] CVE-2011-1475 Apache Tomcat information disclosure
2011-04-06 Mark Thomas (markt apache org)
CVE-2011-1475 Apache Tomcat information disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.0 to 7.0.11
- Earlier versions are not affected
Description: Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did

[SECURITY] CVE-2011-1183 Apache Tomcat security constraint bypass
2011-04-06 Mark Thomas (markt apache org)
CVE-2011-1183 Apache Tomcat security constraint bypass
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.11
- Earlier versions are not affected
Description: A regression in the fix for CVE-2011-1088 meant that security constraints were ignored when no log

Sonexis ConferenceManager SQL Injection
2011-04-06 robkraus solutionary com
Vulnerability title: Sonexis ConferenceManager SQL Injection
Solutionary ID: SERT-VDN-1006
Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html
CVE ID: Pending
CVSS risk rating: 8
Product: Sonexis ConferenceManager Application Ven

Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities
2011-04-06 robkraus solutionary com
Vulnerability title: Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities
Solutionary ID: SERT-VDN-1005
Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-XSS-Vulnerabilities.html
CVE ID: Pending
CVSS risk rating: 3.9
Product

Re: AWCM v2.2 Auth Bypass Vulnerabilities
2011-04-05 security curmudgeon (jericho attrition org)
Seems to be a duplicate of:
http://www.exploit-db.com/exploits/9237/
CVE: 2009-3219
OSVDB-ID: 56336
From 2009-07-23 yes?
On Tue, 16 Nov 2010, eidelweiss (at) windowslive (dot) com wrote:
: ########################################################
: AWCM v2.2 Auth Bypass Vulnerabilities
: ##############

Re: Multiple vulnerabilities in chCounter <= 3.1.3
2011-04-06 security curmudgeon (jericho attrition org)
: Multiple vulnerabilities were found in web application chCounter <= 3.1.3.
:
: Author:
: - Matias Fontanini(mfontanini (at) cert.unlp.edu (dot) ar).
:
: Requirements:
: - Downloads must be enabled(this is not default).
: - magic_quotes off.
: - Access to administration site
That is a lot of prerequisites

XSS Vulnerability in Redmine 1.0.1 to 1.1.1
2011-04-06 Netsparker Advisories (advisories mavitunasecurity com)
Information
--------------------
Name : XSS vulnerability in Redmine
Software : all Redmine versions from 1.0.1 to 1.1.1
Vendor Homepage : http://www.redmine.org
Vulnerability Type : Cross-Site Scripting
Severity : High
Researcher : Mesut Timur <mesut [at] mavitunasecurity [dot] com>
Advisory

Re: [eVuln.com] Cookie Auth Bypass in Hot Links SQL
2011-04-06 security curmudgeon (jericho attrition org)
: New eVuln Advisory:
: Cookie Auth Bypass in Hot Links SQL
: http://evuln.com/vulns/140/summary.html
Already discovered and disclosed:
http://www.exploit-db.com/exploits/8684/
Published: 2009-05-14
: -----------------------[ Summary ]-------------------------
: eVuln ID: EV0140
: Software: H

Re: XSS in CompactCMS
2011-04-06 security curmudgeon (jericho attrition org)
: Vulnerability ID: HTB22695
: Reference: http://www.htbridge.ch/advisory/xss_in_compactcms.html
: Product: CompactCMS
: Vendor: compactcms.nl ( http://www.compactcms.nl/ )
: Vulnerable Version: 1.4.1
: Vendor Notification: 04 November 2010
: Vulnerability Type: XSS (Cross Site Scripting)
: Stat

[USN-1105-1] Linux kernel vulnerabilities
2011-04-05 Kees Cook (kees ubuntu com)
Ubuntu Security Notice USN-1105-1 April 05, 2011
linux vulnerabilities
CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4164, CVE-2010-4242, CVE-2010-4258, CVE-2010-4346