BugTraq Mode:
(Page 1167 of 1748)
[eVuln] RedCMS Multiple XSS and SQL Injection Vulnerabilities 2006-04-13
alex evuln com
New eVuln Advisory:
RedCMS Multiple XSS and SQL Injection Vulnerabilities
http://evuln.com/vulns/115/summary.html

--------------------Summary----------------
eVuln ID: EV0115
CVE: CVE-2006-1568 CVE-2006-1569
Software: RedCMS
Software's Web Site: http://redcms.co.uk/
Versions: 0.1
Critical Level: Mo

Re: RE: IBM 2006-04-13
Juha-Matti Laurio (juha-matti laurio netti fi)
This information is correct and the first address security-alert [at] austin.ibm.com mentioned is a primary reporting address.
This address is located at OSVDB Vendor database too;
http://www.osvdb.org/vendor_dict.php?section=vendor&id=1215&c=I
listed as International Business Machines Corporation

ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow 2006-04-13
zdi-disclosures 3com com
ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow
http://www.zerodayinitiative.com/advisories/ZDI-06-008.html
April 13, 2006

-- CVE ID:
CVE-2006-0092

-- Affected Vendor:
Novell

-- Affected Products:
Novell GroupWise Messenger 2

-- TippingPoint(TM) IPS Customer Protection:
Ti

SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit 2006-04-12
selfar2002 hotmail com

---------------------------------------------------------------------------
SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit
---------------------------------------------------------------------------
Discovered By SnIpEr_SA
Author : SnIpEr_SA
Exploit in Perl : http://www.milw0rm.com/explo

MyBB 1.10 New CrossSiteScripting ' member.php ' 2006-04-12
o y 6 hotmail com
//-- MyBB 1.10 New CrossSiteScripting ' member.php ' --//

Webattack :-
/mybb/member.php?action=do_login&username=[usrname]&password=[pass]&url="><script>alert(1);</script>

//-- FixIT --//

Open member.php
GoTo Line :- 1030 ..

if($mybb->input['url'])
{
redirect($mybb->input['

Re: Jupiter CMS <= 1.1.5 multiple XSS attack vectors. 2006-04-12
anonss anonaa com
The problem has been fixed, and now all bbcode is filtered before it is posted

phpMyAdmin 2.7.0-pl1 2006-04-12
kr4ch web de
App: phpMyAdmin 2.7.0-pl1
Advisory by: p0w3r
Exploit: /phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_connection=utf8_general_ci&db=fu&table=fu&goto=tbl_properties_structure.php&back=tbl_properties_structure.php&sql_query=[XSS]
Example: /phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_conn

Re: IBM 2006-04-12
stend us ibm com
Hello,

For IBM Tivoli products, http://www-306.ibm.com/software/sysmgmt/products/support/Tivoli_Proactive_Notification.html contains our contact information. I'm not certain of the contact points for the other brands, but if your report involves one of them, we will ensure that the report is provid

Re: Confixx 3.1.2 <= SQL Injection 2006-04-13
iovdin swsoft com
Hotfixes have been released
http://www.swsoft.com/en/download/confixx/confixx31

http://download1.swsoft.com/Confixx/security_hotfix/release_notes.txt

RE: IBM 2006-04-12
Michael Scheidell (scheidell secnap net)
Try:

security-alert (at) austin.ibm (dot) com and
cert (at) us.ibm (dot) com

(these are in the US, not sure if they segment responsibility)
--
Michael Scheidell, CTO
561-999-5000, ext 1131
SECNAP Network Security Corporation
Keep up to date with latest information on IT security: Real time
security alerts: http://www.

Recon 2006: speaker lineup announcement 2006-04-13
Recon (hfortier recon cx)
RECON 2006 - http://recon.cx
Montreal, Quebec, Canada
16 - 18 June 2006

We are pleased to announce the final speaker lineup selection for the RECON conference.

RECON is a computer security conference being held in Montreal.
The conference offers a single track of presentations over the span of thr

MyBB 1.10 New XSS ' member.php ' 2006-04-12
o y 6 hotmail com
//-- MyBB 1.10 New XSS ' member.php ' --//

Webattack :-
1- Logout
2- Open Firefox
3- Use [ Live HTTP Headers ]
4- Do Register
5- Agree It
6- Edit Cookies By Live HTTP Headers
7- Add This Cookies :D
mybb[referrer]="></input><b>HTML</b><input>;

//-- FixIT --//

Open me

RevoBoard [email] tag XSS 2006-04-13
r0xes ratm gmail com
Revoboard (php) is based on an earlier version of PunBB.
I know for sure that this affects v1.8.

The email tag parser obfuscates emails to stop harvesters. To execute code, do this:
[php]
$code = '\'" onMouseover="javascript:alert(/xss/)">';
for($a=0;$a<strlen($code);$a++){
$c = ord(substr($c

Re: Multiple vulnerabilities in Blur6ex 2006-04-13
Steven M. Christey (coley mitre org)

The XSS issue in the shard parameter appears to be resultant from a
more serious file inclusion vulnerability. This is the kind of
diagnosis error that I have mentioned in the past [1].

Notice that the error message shows that it took the "shard" parameter
and directly inserted it into a filename

phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit 2006-04-12
selfar2002 hotmail com
---------------------------------------------------------------------------
phpWebSite <= 0.10.? (topics.php) Remote SQL Injection Exploit
---------------------------------------------------------------------------
Discovered By SnIpEr_SA
Author : SnIpEr_SA
Exploit in Perl : http://www.milw0rm.co

[BuHa-Security] Multiple Vulnerabilities in MS IE 6.0 SP2 2006-04-12
bugtraq morph3us org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Multiple Vulnerabilities in MS IE 6.0 SP2

Recently, I discovered three vulnerabilities in Microsoft Internet
Explorer 6 SP2 with all patches applied. All of these bugs are located
in `mshtml.dll' and are caused by incorrect handling of specially
c

Remote File Inclusion in VBulletin ImpEx 2006-04-12
dr jr7 hotmail com

Remote File Inclusion in VBulletin ImpEx

Date :

12 / 4 / 2006

Software :

VBulletin ImpEx

version :

VBulletin 3.5.1
VBulletin 3.5.2
VBulletin 3.5.4

The bug resides in :

ImpExModule.php
ImpExController.php
ImpExDisplay.php

Exploit :

(1)
www.site.com/forum/impex/ImpExModule.php?syst

TalentSoft Web+Shop Path Disclosure 2006-04-13
revnic gmail com
TalentSoft Web+Shop Path Disclosure

Software: Web+Shop
Version: 5.3.6
Website: http://www.webplus.com
Bug: path disclosure
Exploitation: Remote

Description:
Web+Shop is a user-friendly e-commerce shopping cart application for the web.

Vulnerability:
Web+Shop installation path can be disclosed by

[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 2006-04-12
bugtraq morph3us org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

---------------------------------------------------
| BuHa Security-Advisory #11 | Apr 12th, 2006 |
---------------------------------------------------
| Vendor | W3C's Amaya |
| URL | http://www.w3.org/Ama

QuickBlogger v1.4 Cross-Site Scripting 2006-04-12
botan linuxmail org
Website : www.jlwebworks.net [closed]

Attacking method XSS

http://www.site.com[path]/acc.phprequest=<script>alert(document.cookie)</script>

Patriotic Hackers

irc.gigachat.net #kurdhack

Viva Kurdistan!

[BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 2006-04-12
bugtraq morph3us org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

---------------------------------------------------
| BuHa Security-Advisory #10 | Apr 12th, 2006 |
---------------------------------------------------
| Vendor | W3C's Amaya |
| URL | http://www.w3.org/Ama

SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow 2006-04-13
Bernhard Mueller (research sec-consult com)
SEC-CONSULT Security Advisory 20060413-0
========================================
title: Opera Browser CSS Attribute Integer Wrap /
Buffer Overflow
program: Opera
vulnerable version: <= 8.52
homepage: www.opera.com
found: 2006-0

[BuHa-Security] DoS Vulnerability in Firefox 1.5.0.1 2006-04-12
bugtraq morph3us org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

---------------------------------------------------
| BuHa Security-Advisory #9 | Apr 12th, 2006 |
---------------------------------------------------
| Vendor | Mozilla Firefox |
| URL | http://www.mozilla.co

[eVuln] qliteNews SQL Injection Vulnerability 2006-04-13
alex evuln com
New eVuln Advisory:
qliteNews SQL Injection Vulnerability
http://evuln.com/vulns/114/summary.html

--------------------Summary----------------
eVuln ID: EV0114
CVE: CVE-2006-1571
Vendor: r2xDesign.net
Vendor's Web Site: http://www.r2xdesign.net/
Software: qliteNews
Versions: 2005.07.01
Critical Leve

SimpleBBS v1.1(posts.php) remote command execution 2006-04-12
stormhacker hotmail com
[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD10
Vendor: SimpleBBS
Vendor's Web Site: www.simplemedia.org
Software: SimpleBBS Forums
Software's Web Site: www.simplemedia.org
Versions: v1.1 v 1.0.*
Class: Remote
PoC/Exploit: Av

Windows Help Heap Overflow 2006-04-13
c0ntexb gmail com
/*
*****************************************************************************************************************
$ An open security advisory #15 - Windows Help Heap Overflow
*****************************************************************************************************************
1:

Re: phpWebsite <= SQL Injection (friend.php) & (article.php) 2006-04-13
shaun aegisdesign co uk
This report incorrectly states that all versions up to the current version are vulnerable. The files used by the exploit were only present in phpWebSite up to version 0.83 which was released in 2002.

v0.9x and later are not vulnerable.

Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities 2006-04-13
Secunia Research (vuln-remove secunia com)
======================================================================

Secunia Research 13/04/2006

Adobe Document Server for Reader Extensions Multiple Vulnerabilities

======================================================================
Table of Contents

Affected Softwar

Copyright 2010, SecurityFocus