|
|
Colapse all |
Post message
ContentBoxx Login.php Cross-Site Scripting 2006-04-19 botan linuxmail org Website : http://www.contentboxx.info/en/ Author : Botan Description: Web Content Management ContentBoxX is a professional software upon which the production of editorial systems, used in the maintenance of Internet and Intranet offers, are based. ContentBoxX is suited for use in demanding Web s [ more ] [ reply ] Cisco Security Advisory: Multiple Vulnerabilities in the WLSE Appliance 2006-04-19 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the WLSE Appliance Advisory ID: cisco-sa-20060419-wlse http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml Revision 1.0 For Public Release 2006 April 19 1500 UTC (GMT) - ----------- [ more ] [ reply ] RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities 2006-04-19 info g-0 org Multiple vulnerabilities in Linux based Cisco products 2006-04-19 assurance.com.au advisories+cisco200604 (at) assurance.com (dot) au [email concealed] (advisories+cisco200604 assurance com au) Assurance.com.au - Vulnerability Advisory ----------------------------------------------- Release Date: 19-Apr-2006 Software: Cisco Wireless Lan Solution Engine (WLSE) Cisco Hosting Solution Engine (HSE) Cisco Ethernet Subscriber Solution Engine (ESSE) Cisco User Registration Tool (URT) Cisc [ more ] [ reply ] Re: Multiple vulnerabilities in Linux based Cisco products 2006-04-19 Ilker Temir (itemir cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is Cisco PSIRT's response to the privilege escalation vulnerability independently announced by Adam Pointon of Assurance.com.au and Mathieu Pepin of Axen Consulting. We would like to thank both Adam and Mathieu for bringing this issue to our attent [ more ] [ reply ] [security bulletin] HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code 2006-04-19 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00629555 Version: 7 HPSBUX02108 SSRT061133 rev.7 - HP-UX running Sendmail, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as po [ more ] [ reply ] Re: Path Disclosure and Arbitrary File Read Vulnerability in SLAB5000 2006-04-19 office slabmedia com Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities 2006-04-19 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities Advisory ID: cisco-sa-20060419-xr http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml Revision 1.0 For Public Release 2006 April 19 1500 UTC (GMT) - ---------------------------- [ more ] [ reply ] XSS Vulnerability in Guest-book script powered by Community Architect 2006-04-19 susam pal gmail com [This document is best seen with Font: Verdana Size: 9pt] Advisory Name =========== XSS Vulnerability in Guest-book script powered by Community Architect Vulnerable Systems ============== Sites providing web-hosting service powered by Community Architect. Found By ======= Susam Pal Found On ==== [ more ] [ reply ] Oracle 10g 10.2.0.2.0 DBA exploit 2006-04-19 putosoft softputo (hasecorp hotmail com) /* * Fucking NON-0 day($) exploit for Oracle 10g 10.2.0.2.0 * * Patch your database now! * * by N1V1Hd $3c41r3 * */ CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENT_USER IS FUNCTION ODCIIndexGetMetadata (oindexinfo SYS.odciindexinfo,P3 VARCHAR2,p4 VARCHAR2,env SYS.odcienv) RETURN NUMBE [ more ] [ reply ] [MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability 2006-04-19 admin majorsecurity de [MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability ----------------------------------------------------------- Software: ActualAnalyzer Type: Remote File Include Vulnerability Date: April, 19th 2006 Vendor: ActualScripts Page: http://actualscripts.com Risc: High Credits: ---------- [ more ] [ reply ] SQL Injection in package SYS.DBMS_LOGMNR_SESSION 2006-04-18 ak red-database-security com SQL Injection in package SYS.DBMS_LOGMNR_SESSION Name SQL Injection in package SYS.DBMS_LOGMNR_SESSION Systems Affected Oracle Database Severity Medium Risk Category SQL Injection (DB06) Vendor URL http://www.oracle.com/ Author Alexander Kornbrust (ak at red-database-security.com) Advisory 1 [ more ] [ reply ] [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities 2006-04-19 alex evuln com New eVuln Advisory: N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities http://evuln.com/vulns/121/summary.html --------------------Summary---------------- eVuln ID: EV0121 CVE: CVE-2006-1657 CVE-2006-1658 Vendor: Chucky A. Ivey Software: N.T. Sowtware's Web Site: http://www.v-gfx.net/ Ve [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-06:14.fpu 2006-04-19 FreeBSD Security Advisories (security-advisories freebsd org) CuteNews 1.4.1 <= Cross Site Scripting 2006-04-18 sn4k3 23 gmail com // CuteNews 1.4.1 <= Cross Site Scripting // ----------------------------------------------------------------- [~] Advisory by: LoK-Crew ~ Snake_23 [-] Exploit: http://www.example.com/index.php?mod=editnews&action=editnews&id=1145397 112&source=[XSS] [-] Googledork: Powered by CuteNews 1.4.1 [+ [ more ] [ reply ] [Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation 2006-04-18 Secure symantec com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Title: Symantec LiveUpdate for Macintosh Local Privilege Escalation Threat: Moderate Impact: Local Privilege Escalation Product: LiveUpdate for Macintosh Situation Overview: Some components of Symantecs LiveUpdate for Macintosh do not set their e [ more ] [ reply ] [KAPDA::#41] - Mambo/Joomla rss component vulnerability 2006-04-18 alireza hassani (trueend5 yahoo com) KAPDA New advisory Mambo website : http://www.mamboserver.com Bug: Path Disclosure & Remote Denial Of Service Exploitation: Remote with browser Exploit: available Description: -------------------- Mambo is a feature-rich dynamic portal engine/content management tool capable of building sites from [ more ] [ reply ] Multiple critical and high risk issues in Oracle's database server 2006-04-18 NGSSoftware Insight Security Research (nisr nextgenss com) David Litchfield of NGSSoftware has discovered multiple critical and high risk vulnerabilities in Oracle's Database Server. Versions affected include Oracle Database 10g Release 2, versions 10.2.0.1, 10.2.0.2 Oracle Database 10g Release 1, versions 10.1.0.4, 10.1.0.5 Oracle9i Database Release 2, v [ more ] [ reply ] blur6ex Local File Inclusion and SQL injection . 2006-04-17 h e (het_ebadi yahoo com) blur6ex Local File Inclusion and SQL injection . A blog and simple content engine. Supports many features found in larger systems such as CSS layouts, RSS feeds, comments, trackbacks, categories, archives, drafts, searching MMS posting, and a multi-user permissions system. Still in development and [ more ] [ reply ] Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk 2006-04-18 jat-public01 jaet org Are you certain that should fail? (unsigned long)-1 is a word with all bits set (on a twos-complement machine), so I believe the result should be undefined with regard to overflow adding a pointer. It certainly seems reasonable for a compiler to optimize away a test for a pointer in the range of p [ more ] [ reply ] |
|
Privacy Statement |
# by n0m3rcy
# Copyright (c) 2006 n0m3rcy <n0m3rcy (at) bsdmail (dot) org [email concealed]>
# Exploit:
i) in the Already have an account?
ia) Account name: <script>alert(1)</script>
ib) Password: <script>alert(1)</script>
# Shoutz:
cijfer , dag , devil-00 , q-ex and all my
[ more ] [ reply ]