Secunia Security Advisory - A vulnerability has been reported in the Organic Groups Vocabulary module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
a0e0a8989ecabb90849430e7a1d6538f1bc7cc069d95245e2756d853e10ed639Secunia Security Advisory - A vulnerability has been reported in the Link module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
b6ec0f76b60d82afdd3f8fc19a4321987ad561ef2b305f5851b8b46b299fe911Secunia Security Advisory - Some vulnerabilities have been reported in the NGP COO/CWP Integration module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
ce6d09d3ff01177132960a3319854b9bf91c35aba5b0a855feae2ba4fd87c434Secunia Security Advisory - A vulnerability has been reported in the Zoomify module for Drupal, which can be exploited by malicious people to conduct script insertion attacks.
fba108c4cf9032780d39f646f8423c18614e81c2d9bb6f74fb08c933d567d638Secunia Security Advisory - Some security issues have been reported in Joomla!, which can be exploited by malicious people to disclose version information and by malicious users to manipulate certain data.
cbe3a143f3481bc7c1567c10c135d7054f762eb564efd5a942c8854a0ff0932eSecunia Security Advisory - A security issue has been reported in Sun Solaris, which can be exploited by malicious people with physical access to the system to potentially bypass certain security restrictions.
1af325ce2179c5b333867b62ac520d158f6b940a0891052666268326ba5e39d3Secunia Security Advisory - Red Hat has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
ee569c52ed3b667daa5e94f50cfbfb0d97931cf4c5f6a8d337d0b8a1ca52934cSecunia Security Advisory - A weakness has been reported in Sun Solaris, which can be exploited by malicious people with physical access to the system to potentially bypass certain security restrictions.
2ae4e8c99cbed146a0fae37a404b3b7b950c5beb2f0ab27998c08d918a0cedd5Secunia Security Advisory - A vulnerability has been reported in e-Courier CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
0a6022cb6b3c38a3ba150f5d4fa4ed45c68f3408bb3241b872d1de60397595cfSecunia Security Advisory - Brett Gervasoni has reported a vulnerability in SafeNet SoftRemote, which can be exploited by malicious people to compromise a user's system.
2b14c1158cc4fa12b20e26e25c349210683bcca40bb773e249afc9c661aa91ffSecunia Security Advisory - Sun has acknowledged some vulnerabilities in Adobe Reader in Solaris, which can be exploited by malicious people to compromise a user's system.
620d16e663e425bb65672bfbd3bad0f735e07f6edb28ed064a817a79dbec4ec5Secunia Security Advisory - A vulnerability has been reported in the Shibboleth Identity and Service Provider, which can be exploited by malicious people to conduct cross-site scripting and potentially script insertion attacks.
32f5a692b233401969ef1bae78e92622bc16e7144383857c5365a3aa4be13d6fSecunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
c4be10786c39dca0386bb3cda67f296e030434044cf2e1fd37f59710290075a5Secunia Security Advisory - Some vulnerabilities have been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site request forgery attacks.
5340395caf4e3fcfa5c195022996531f9c4094a3e7421f159ac8ada57d553707The Cosminexus XML processor suffers from a remote denial of service vulnerability when receiving an invalid SOAP message.
69bee83c0ee9e888ce02c4291882f7a5428cc4b4f0eac82f075ca86f3638b428Asterisk Project Security Advisory - Asterisk includes a demonstration AJAX based manager interface, ajamdemo.html which uses the prototype.js framework. An issue was uncovered in this framework which could allow someone to execute a cross-site AJAX request exploit.
e86a0ecb6a897bcb9f1220e85d46af735a82bc2ef2a6208e6cc14a3c6f4996ddAsterisk Project Security Advisory - It is possible to determine if a peer with a specific name is configured in Asterisk by sending a specially crafted REGISTER message twice. The username that is to be checked is put in the user portion of the URI in the To header. A bogus non-matching value is put into the username portion of the Digest in the Authorization header. If the peer does exist the second REGISTER will receive a response of "403 Authentication user name does not match account name". If the peer does not exist the response will be "404 Not Found" if alwaysauthreject is disabled and "401 Unauthorized" if alwaysauthreject is enabled.
3634bc8c6b1fcdae106d21b04636f67125dbeb10fda75b29b1244e3e1cd34bf0Mozilla Firefox versions 3.5 and 3.0 suffer from an autocomplete data theft vulnerability.
55e951518276dc7c097f9bba03ab3a9f677c0997fa82a607138edb31bf240c43Debian Linux Security Advisory 1926-1 - Several remote vulnerabilities have been discovered in the TYPO3 web content management framework.
a31da610926d6e1e3800b5a2eddeca9b7395185a3fe5bb747d8d316e7fc0b2fcThis is Malformation's Interactive HTTP GET and POST Shell.
d304cf274bb961d977a885e60060650ec032a74412bac078d3ca8f7b72aa5c21Endonesia CMS version 8.4 suffers from a local file inclusion vulnerability.
89621b89898413d59ea39f85e6729a2d083b27dc0c2fc6ed0f2be4d1ce94654fSecunia Research has discovered a vulnerability in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an input validation error in the CAD service. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet via TCP. Successful exploitation allows execution of arbitrary code. IBM Tivoli Storage Manager Express Client version 5.3.6.2 is affected.
d162501f8a502894ddca76f531d423886089eb16e3f1abdd39eaa04d684d2343The Portili Personal and Team Wiki versions 1.14 and below suffer from cross site scripting, shell upload, and information and password disclosure vulnerabilities.
47dd3f2d94b415af5fadfbaec383af1cb38fb562ed107c7ef39cfdc841ff5874Multiple code execution vulnerabilities have been discovered in the Adobe Shockwave Player. Versions 11.5.1.601 and below are affected.
551711ee8bc2dbf403137d959930ea96fa8074b6018fb3d13dd477357426dd00
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed