Whitepaper called Reading Mission Control Data out of Predator Drone video feeds.
893c57808e275c209ff64f32529d4b5bf791b0ffdab61822c6d1f5362740359aThe Joomla Hot Brackets component suffers from a remote blind SQL injection vulnerability.
5650b3d67178c479b08111cf70529535b6db9b7636933f8b60e0c9e455c1e28bPHPhotoalbum suffers from a remote shell upload vulnerability.
3bc070465e2c256fbeba1e5de7276923283dd12afa0f965a6d23d931f4170d7eGentoo Linux Security Advisory 200912-2 - Multiple vulnerabilities have been discovered in Rails, the worst of which leading to the execution of arbitrary SQL statements. Versions less than 2.2.2 are affected.
16d8e364cfb92aed20ead8b90f7ddfb138996017dcb068bdfb6e381ed4b6eee8Debian Linux Security Advisory 1960-1 - It was discovered that acpid, the Advanced Configuration and Power Interface event daemon, on the oldstable distribution (etch) creates its log file with weak permissions, which might expose sensible information or might be abused by a local user to consume all free disk space on the same partition of the file.
b36c83cc4622b6c42cb7aae2e6218e1d4abe11792e90f00c5524d35ac47bdb56Ultimate Uploader version 1.3 suffers from a remote shell upload vulnerability.
2f4ed31e4cfbbbcc8518a1ed22f7d8a6f0f0f927bdded10ebb3d19f5e5475761Pre Hotels and Resorts Management System suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ccd917de16ae006850643af05572a502b28ab5ee8e16c9aa5a745eff9ef5628aSocial Web CMS suffers from cross site scripting, cross site request forgery, path disclosure, and user redirection vulnerabilities.
96aba5ca15438fb64f35e68876edbc31b755dc427af8b72e6102712e9107cef1GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
55fed35a489fd20b949dbddcc1d479e67e92fa7be948202c058b1d4eae10476bwebCocoon's simpleCMS suffers from a remote SQL injection vulnerability.
d31e6a1484406d78aa86a9addd59ae046219a84f49ad87d1b82846afa2de30bdDebian Linux Security Advisory 1959-1 - It was discovered that ganeti, a virtual server cluster manager, does not validate the path of scripts passed as arguments to certain commands, which allows local or remote users (via the web interface in versions 2.x) to execute arbitrary commands on a host acting as a cluster master.
9de7728afbdb40275675ed1ab9d19384cb604d7333cdcd1f40f042ca1954497fSMF, or Simple Machines Forum, version 1.1.11 suffers from a cross site scripting vulnerability.
005540bee47c80baaed467e87a87cbb5c0707ee839dbf4a5bed5a359ba9d9b07Angelo-emlak version 1.0 suffers from a remote database disclosure vulnerability.
814e0afd4a1ddeefeec9b4ac71b19940f80d74bb461be15a18b23635bb251deaUbuntu Security Notice 874-1 - Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
4ce1761d16df1c6ee9f51786f7a5bcc1315bd2c5e16f07360499c7f71471f4abKasseler CMS version 1.3.4 Lite suffers from a cross site scripting vulnerability.
94e73185b09ae4f60617fd8dda65b16c7b7c1f4f3e366c79f8fea63302e418eaAbsolute Shopping Cart suffers from a remote SQL injection vulnerability.
b873650bd9f6d5f98665d33f1abeb585ace5284a0668f238107491a23d73d34fPDQ Script version 1.0 suffers from a remote SQL injection vulnerability.
378c6da640ba72ce6e079db9a17be0cf4bdbae691e8fc19b8f3e269a81e4c2deUbuntu Security Notice 873-1 - Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack.
8eaaba6dc798f53aa0cfdc9af6581d1658b9863011229fab65c636d57a06a8dcA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Cell Manager Database Service, rds.exe, which binds to TCP port 1530.
b35ddf22dfed2acfe23b890459bbb716db5b8a870f760c3daf55fac1b650ebadSimplicity Of Upload version 1.3.2 suffers from a remote shell upload vulnerability.
64b4697da7f8e272253f2c5eb9a01f1118c6e51122c6d072ab70f6bbae0cb29cAdvanced Biz Limited versions 1.0 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
2be082a74f4110a8e5e426fdd7f9b495d5588cdb8651e2a21af4066a73984172Explorer version 7.20 RC1 revision A suffers from a cross site scripting vulnerability.
3ce1da83732891b15c50124372e4da9f3a6226565203b6cb0c2c688128c32dd9Ignition version 1.2 suffers from multiple local file inclusion vulnerabilities.
fdbc2d80885ba37e6b668de4f279d116a36bffda8d03f70cdc0ba7b88075e5f9The Pandora FMS monitoring application versions 2.1.x and 3.x suffer from a remote SQL injection vulnerability.
b7bcb28f0cc3d2df0c21443a57cadde9039cdae2fb82858de85923652e70a42c8pixel.net 2009 suffers from a remote database disclosure vulnerability.
2c80584a091671d1025df33cb89273b99f85f14ebe015eb414d28e6025b6cd62
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed