WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.
628ac46d8f1244fad6d04ac0e5152e7eb4159026a41ee343f38ebfe0c886e422VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
f12f7718cd809d06b660ac50220f6d10a650005791eca8e30c22bada4c7bb911Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.
a947eaea9219435522452e5998b2815a6bc802c2c9c0ccc0d1d38e524c6b022eDebian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
d20d575cf387a12cb1f1fe8d514bb5a5a16afb37a8356c7288310330372f7c28Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw for example to obtain unauthorized access to gnome-shell session right after system resume.
318c161bad22c9578dac995bb0cc50a71769a4b20ec80a826c602730c6f8d7ccMandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0eb2cd82b2ff838ef4aa7c6c1c69bfa24d50a5ce038cbd73a1f91cf1c12c3ccdMandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or login to a node which ran pbs_server or pbs_mom, could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
87c892b0b1b0a63846d8440441847718da90b4e6dd6559a8e5add5f37afae24dMandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
9f962c6db1691c45e7d78d3ba814af35373f15b3e5781028fde68b9a4696daabMandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
0a2884cd915d053154e7234d410fd1981f2e9addf730ab07f929b35a77ceddd2Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
943bffbd4c59491956254e396c5dddc10c25b0b775de07d14bd90dac0cbf7118Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.
29a67e3663b1e3c4862f2246b9ede7002b3897ace31e2a0b390b8b8838c2db15Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.
ca14296374929c9f6c88571a95a5740d0e443d519a9a0c903df41f3c2bcc8c26This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands in the 'cpusername', 'cppassword' and 'cpdomain' parameters.
dfea5435bcc036d47d5c594f95500152ab31c0d3ee607b8a70a2b6f399effb39LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.
442cba9a0c6a978e69874ca3310a79b3dd238196b467f3e2045742bf6b7bdf18Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.
69f709f535989b330975f9e777157ccbbe4a049d89e1926d05079fa41e57d717hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.
599d4f7ecaaefe8226beca944bc48e8459be941747089d6a88a9ff0beee0cb68Apache has announced the release of the Struts 2.3.15.3 framework which addresses multiple security issues including a broken access control.
298a85c71d878d7cffa115e7f986c8ab93495c936ad88dded1f9d2a6aa07d358Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.
65032b7037f6db49f90a134d34c24c4a670cbee2a380df40c787cac1f3f32132Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.
ef8980f8307fd85e258505ff90f13dbeb382094a1fe35e49f7d82febddc5223eQuick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.
37a5f2452b362ab7282d84c4e598396e18994f0a1811c1715518b59a076d9641PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.
2688acc1f96e93d7799ccb3540cbe12f48da9bc32d767bb22ca9db0d45a74255Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
9e085ec5d3fff92fc140e15a8768710405e8c5e098decc2b36b9fa716fb4ecf2AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
86c4d7e1eaf85ab6c6574e5dcda97a1858f09db50694774a7b9bbda97f925c82HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.
81d8b715891741e72a757263197f7d75c3d384c5a407cffd96c491d57658486f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed