PHP-X-Links suffers from a remote SQL injection vulnerability.
WSN Links script suffers from a remote SQL injection vulnerability in report.php.
Complete comprehensive archive of all 3,873 exploits added to Packet Storm in 2011.
This archive contains all of the 211 exploits added to Packet Storm in December, 2011.
Mandriva Linux Security Advisory 2011-198 - Multiple vulnerabilities have been found and corrected in phpmyadmin. Importing a specially-crafted XML file which contains an XML entity injection permits retrieval of a local file (limited by the privileges of the user running the web server). Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs. Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Using crafted URL parameters, it was possible to produce XSS on the export panels in the server, database and table sections. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.
Siena CMS version 1.242 suffers from a cross site scripting vulnerability.
PHP 5.3.x hash collision denial of service proof of concept exploit.
KBeast (Kernel Beast) 2012 is a Linux rootkit that hides the loadable kernel module, hides files and directories, hides processes, hides sockets and connections, performs keystroke logging, has anti-kill functionality and more.
jPORTAL version 2 suffers from a remote SQL injection vulnerability in comment.php.
Jin Ware International version 1.2 suffers from a remote SQL injection vulnerability.
Readmore Systems suffers from a remote SQL injection vulnerability.
The WordPress LivePHP plugin suffers from a cross site scripting vulnerability.
WebSAT suffers from a remote blind SQL injection vulnerability.
PHPB2B suffers from a cross site scripting vulnerability.
Lixar suffers from a remote SQL injection vulnerability.
Linux/x86 polymorphic shellcode that escalates uid/gid and adds user iph to /etc/passwd without a password.
ITMiddle suffers from a remote SQL injection vulnerability.
wsCMS suffers from cross site scripting and remote SQL injection vulnerabilities.
Debian Linux Security Advisory 2376-2 - It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used too wide permissions on its PID file, which allows local users to kill arbitrary processes by writing to this file.
IBM Lotus Notes/Domino server suffers from a remote denial of service vulnerability that can be triggered by a malformed TCP packet. Versions 8.5.2 FP3 and earlier, 8.5.1, 8.5 and 8.0.x are affected.