Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS)
2005-03-28 dcrab hackerscenter com
Dcrab 's Security Advisory http://icis.digitalparadox.org/~dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS) Date: March 28, 2005 Summary: There are multiple sql injection, xss

directory traversal in FastStone 4in1 Browser 1.2
2005-03-29 Donato Ferrante (fdonato autistici org)

[USN-102-1] shar vulnerabilities
2005-03-29 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-102-1 March 29, 2005 sharutils vulnerabilities http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=242597 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=265904

[SECURITY] [DSA 699-1] New netkit-telnet-ssl packages fix arbitrary code execution
2005-03-29 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 698-1] New mc packages fix buffer overflow
2005-03-29 joey infodrom org (Martin Schulze)

DoS of LAN via D-Link switches
2005-03-29 Frank Bures (lisfrank chem toronto edu) (1 replies)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 D-Link switch Model: DSS-16+ When user connects the same patch cable to two ports of the switch, the switch will ultimately bring down hierarchically higher branches of the LAN. We have this D-link local switch connected to a 3COM 3300 family switch.

phishing sites report - March/2005
2005-03-28 Gadi Evron (gadi tehila gov il) (1 replies)
Below is a periodic public report from the Malicious Websites and Phishing research and mitigation mailing list (a sub-group of the drone armies / botnets research and mitigation mailing list). For this report it should be noted that we base our analysis on the data we have accumulated from variou

Multiple XSS issues in Sun AnswerBook2
2005-03-28 B00B00 (ptt btinternet com)
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSION(S) TESTED: 1.4.4 on Solaris 8.0 (Sparc) TITLE: Multiple issues in Sun Answerbook2 [Full Disclosure]. Summary. A number of issues have been identified in S

RE: Re: Symantec Antivirus client locally created scheduled scan is not running if the local console is logged off
2005-03-28 Eitan Caspi (eitancaspi yahoo com)
Hi John, Thank you for this important information. Well, I've looked into this and you are perfectly correct about the actual behavior (and my apologies to Bone Machine - you were right, buddy, and I was wrong!): Local scheduled scans are saved under HKEY_CURRENT_USER\Software\Intel\LANDesk\VirusP

Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software
2005-03-28 dcrab hackerscenter com
Dcrab 's Security Advisory http://icis.digitalparadox.org/~dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software. Date: March 29, 2005 Summary: There are multiple sql injection, xss vulner

Multiple XSS vulnerabilities in ACS Blog
2005-03-28 Dan Crowley (dan crowley gmail com)
These vulnerabilities have been tested on the latest version of ACS Blog. (v1.1.1) In the comments section of ACS Blog, it is possible to execute an XSS attack through the [link], [mail], and [img] tags, due to lack of filtering of single quotes and spaces inside the tags. Examples/PoCs: [link=

[USN-101-1] telnet vulnerabilities
2005-03-28 Martin Pitt (martin pitt canonical com)
Ubuntu Security Notice USN-101-1 March 28, 2005 netkit-telnet vulnerabilities CAN-2004-0911, CAN-2005-0469 A security issue affects the following Ubuntu releases: Ubuntu 4.1

Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS)
2005-03-27 dcrab hackerscenter com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory http://icis.digitalparadox.org/~dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS) Date: March 28, 2005

local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5
2005-03-27 advisories (advisories suresec org)

Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software.
2005-03-28 dcrab hackerscenter com
Dcrab 's Security Advisory http://icis.digitalparadox.org/~dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software. Date: March 29, 2005 Summary: There are multiple sql injection, xss vulner

Multiple sql injection, and xss vulnerabilities in Vladersoft Shopping Cart v.3.0
2005-03-27 dcrab hackerscenter com
Dcrab 's Security Advisory http://icis.digitalparadox.org/~dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple sql injection, and xss vulnerabilities in Vladersoft Shopping Cart v.3.0 Date: March 27, 2005 Summary: There are multiple sql injection, xss vulnerabilities in the Vla

Buffer-overflow in Tincat 2 minor than 2.0.28 (Sacred, Settlers 5 and others)
2005-03-28 Luigi Auriemma (aluigi autistici org)

[ GLSA 200503-34 ] mpg321: Format string vulnerability
2005-03-28 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[CLA-2005:942] Conectiva Security Announcement - ethereal
2005-03-28 Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : ethereal SUMMARY : Fixes for security vulnera

iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability
2005-03-28 iDEFENSE Labs (labs-no-reply idefense com) (1 replies)
Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability iDEFENSE Security Advisory 03.28.05 www.idefense.com/application/poi/display?id=220&type=vulnerabilities March 28, 2005 I. BACKGROUND The TELNET protocol allows virtual network terminals to be connected to over the internet. The

Re: iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability
2005-03-28 Solar Designer (solar openwall com) (1 replies)

Re: iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability
2005-03-29 Tavis Ormandy (taviso gentoo org)
Dcrab 's Security Advisory
http://icis.digitalparadox.org/~dcrab
http://www.hackerscenter.com/
Severity: Medium
Title: Multiple sql injection, and xss vulnerabilities in AspApp.
Date: March 30, 2005
Vendor: AspApp
Vendor site: http://www.localhost
Summary:
There are multiple sql injection, xs