[MajorSecurity Advisory #29]: foresite CMS - Cross Site Scripting Issue.
A SQL injection vulnerability has been found in the search.asp script of WebWizForum.
Applications which fail to provide their own filtering on top of the inbuilt .NET request filtering may be vulnerable to XSS attacks. Provided that a web application solely relies on .NET request filtering before echoing input back to the web browser, it is possible to inject scripting code and successfully launch XSS attacks by submitting a specially crafted request.
Secunia Security Advisory - Some vulnerabilities have been reported in Free File Hosting, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - ajann has reported a vulnerability in Techno Dreams Announcement, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - ajann has reported a vulnerability in Techno Dreams Guestbook, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Greg Linares has discovered some vulnerabilities in Easy File Sharing Web Server, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information.
Secunia Security Advisory - Mandriva has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - Mandriva has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
Secunia Security Advisory - Some vulnerabilities have been reported in various Informix Products, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Secunia Security Advisory - Nms has discovered a vulnerability in PunBB, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - ajann has discovered a vulnerability in E-Annu, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Gentoo has issued an update for cheesetracker. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - v1per-haCker has discovered some vulnerabilities in phpProfiles, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Debian has issued an update for qt-x11-free. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
Secunia Security Advisory - David Vieira-Kurz has reported a vulnerability in foresite CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Gentoo has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Secunia Security Advisory - Gentoo has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP Tru64 Unix, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - Handrix has reported a vulnerability in Sun Java System Messenger Express, which can be exploited by malicious people to conduct cross-site scripting attacks.
OpenPKG Security Advisory OpenPKG-SA-2006.027: According to a vendor release announcement [0], security issues exist in the personal publishing platform WordPress [1]. The "wp-db-backup" plugin accepts filenames which could be used to access security sensitive files.
Debian Security Advisory 1200-1: An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries. This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt.
Gentoo Linux Security Advisory GLSA 200610-15 - Asterisk contains buffer overflows in channels/chan_mgcp.c from the MGCP driver and in channels/chan_skinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously handles client-controlled variables to determine filenames in the Record() function. Finally, the SIP channel driver in channels/chan_sip.c could use more resources than necessary under unspecified circumstances. Versions less than 1.2.13 are affected.
Gentoo Linux Security Advisory GLSA 200610-14 - A flaw in the PHP memory handling routines allows an unserialize() call to be executed on non-allocated memory due to a previous integer overflow. Versions less than 5.1.6-r6 are affected.
Mandriva Linux Security Advisory MDKSA-2006-192: The CGI library in Ruby 1.8 allowed a remote attacker to cause a Denial of Service via an HTTP request with a multipart MIME body that contained an invalid boundary specifier, which would result in an infinite loop and CPU consumption.