OpenEMR is affected by a remote SQL injection vulnerability in version 4.1.0.
RedTeam Pentesting discovered a cross site scripting vulnerability in Bugzilla's chart generator during a penetration test. If attackers can persuade users to click on a prepared link or redirect them to such a link from an attacker-controlled website, they are able to run arbitrary JavaScript code in the context of the Bugzilla installation's domain. Versions affected include 2.17.1 to 3.4.12, 3.5.1 to 3.6.6, 3.7.1 to 4.0.2 and 4.1.1 to 4.1.3.
Mavili Guestbook version 200711 suffers from bypass, cross site scripting and remote SQL injection vulnerabilities.
Tiny Guest Book suffers from a cross site scripting vulnerability.
OpenKM Document Management System version 5.1.7 suffers from a remote command execution vulnerability.
OpenKM Document Management System version 5.1.7 suffers from an authenticated privilege escalation vulnerability.
BigACE CMS version 2.7.5 suffers from a cross site scripting vulnerability.
Debian Linux Security Advisory 2378-1 - Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders for QDM2, VP5, VP6, VMD and SVQ1 files could lead to the execution of arbitrary code.
MyStore Tienda Virtual version 2.0 suffers from a remote SQL injection vulnerability.
PZIDS (Peta Zetas IDS) is a tool to test if your IDS is detecting threats properly. Written in Python.
This Metasploit module exploits Stream Down version 6.8.0 using a SEH based buffer overflow that is triggered when processing the server response packet. During the overflow a structured exception handler is overwritten.
The Apigee Facebook API suffers from a cross site scripting vulnerability.
The WordPress Comment Rating plugin suffers from cross site scripting and remote SQL injection vulnerabilities.
MyStore Tienda Virtual suffers from a remote SQL injection vulnerability.
Technitium MAC Address Changer allows you to change the Media Access Control (MAC) address of your Network Interface Card (NIC) irrespective of your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine.
Whitepaper called Linux Kernel Hooking, Data Manipulations and Making Root Exploits. Written in Turkish.
Secunia Security Advisory - Debian has issued an update for ipmitool. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Secunia Security Advisory - Two vulnerabilities have been discovered in Rapidleech, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
Secunia Security Advisory - A vulnerability has been discovered in the TheCartPress plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.