Bugtraq

• Thread Index

• DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php
  • From: jesper . jurcenoks
• Re: IE7 website security certificate discrediting exploit
  • From: inge_eivind . henriksen
• News publication system remote File include
  • From: navairum
• [ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities
  • From: security
• GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability
  • From: skulmatic
• [ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability
  • From: security
• [USN-376-2] imlib2 regression fix
  • From: Kees Cook
• Re: Advanced Guestbook 2.3.1 (Admin.php) Remote File Include
  • From: simo64
• Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00
  • From: Nicob
• IE7 website security certificate discrediting exploit
  • From: inge_eivind . henriksen
• Re: Firefox 1.5.0.7 Exploit
  • From: Lubomir Kundrak
• ZDI-06-037: America Online ICQ ActiveX Control Code Execution Vulnerability
  • From: zdi-disclosures
• Re: Firefox 1.5.0.7 Exploit
  • From: OOZIE
• VulnDisco Pack for Metasploit
  • From: Evgeny Legerov
• Advanced Guestbook 2.3.1 (Admin.php) Remote File Include
  • From: broken-proxy
• Hotmail and Windows Live Mail XSS Vulnerabilities
  • From: applesoup
• XSS Vulnerability in Zend Framework Preview 0.2.0
  • From: security
• [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution
  • From: Moritz Muehlenhoff
• RE: Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: Roger A. Grimes
• Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities(New)
  • From: ajannhwt
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: Eliah Kagan
• MajorSecurity Advisory #32]phpComasy CMS - Multiple Cross Site Scripting Issues
  • From: admin
• [ GLSA 200611-02 ] Qt: Integer overflow
  • From: Matthias Geerdsen
• TSLSA-2006-0061 - multi
  • From: Trustix Security Advisor
• Cross Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server
  • From: ProCheckUp Research
• Joomla 1.0.11 Remote File Include
  • From: root
• MWChat pro V 7.0 <= (CONFIG[MWCHAT_Libs]) Remote File Include Vulnerability
  • From: -= SHELL =- -= SHELL =-
• AIOCP <=1.3.007 multiples vulnerabilities [sql , remote file include , xss]
  • From: saps . audit
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: Jerome Athias
• [ECHO_ADV_60_2006] OpenEMR <=2.8.1 Multiple Remote File Inclusion Vulnerability
  • From: erdc
• [ECHO_ADV_59_2006]Agora 1.4 RC1 "$_SESSION[PATH_COMPOSANT]" Remote File Inclusion Vulnerability
  • From: erdc
• Re: @cid stats v2.3 File Include
  • From: Heiko Wundram
• [ECHO_ADV_58_2006]Cyberfolio <=2.0 RC1 $av Remote File Inclusion Vulnerability
  • From: erdc
• Mail Drives Security Considerations
  • From: darkz . gsa
• [ECHO_ADV_57_2006]Soholaunch Pro <=4.9 r36 Multiple Remote File Inclusion Vulnerability
  • From: erdc
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: Jan Heisterkamp
• PHP Rapid Kill All Version File Injection
  • From: null_hack
• Stanford university SCARF user editing
  • From: navairum
• Article Script v1.*and v1.6.3 Sql injection
  • From: liz0
• @cid stats v2.3 File Include
  • From: mahmood ali
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: Thierry Zoller
• IF-CMS multiples XSS vunerabilities
  • From: saps . audit
• Re: MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues
  • From: saps . audit
• [USN-377-1] NVIDIA vulnerability
  • From: Kees Cook
• [MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues
  • From: admin
• [USN-378-1] RPM vulnerability
  • From: Kees Cook
• [OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind)
  • From: OpenPKG
• Web Directory Pro bypass Vulnerabilities
  • From: hack2prison
• [OpenPKG-SA-2006.028] OpenPKG Security Advisory (php)
  • From: OpenPKG
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)]
  • From: Paul Laudanski
• MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues
  • From: admin
• Re: Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: Eliah Kagan
• [OpenPKG-SA-2006.030] OpenPKG Security Advisory (ruby)
  • From: OpenPKG
• [USN-376-1] imlib2 vulnerabilities
  • From: Kees Cook
• ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability
  • From: zdi-disclosures
• XSS in script Mobile
  • From: m-0-t
• [ MDKSA-2006:197 ] - Updated kernel packages fix multiple vulnerabilities and bugs
  • From: security
• SIMPLOG 0.9.3 injection sql & multiple xss
  • From: saps . audit
• [SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation
  • From: Steve Kemp
• [ GLSA 200611-01 ] Screen: UTF-8 character handling vulnerability
  • From: Matthias Geerdsen
• Re: Multiple vulnerabilities in SAP Web Application Server 6.40 and7.00
  • From: harrisonholland
• Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability
  • From: sales
• Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: 3APA3A
• Re: Firefox 1.5.0.7 Exploit
  • From: Martin Pitt
• [ MDKSA-2006:195 ] - Updated wireshark packages fix multiple vulnerabilities
  • From: security
• [ MDKSA-2006:196 ] - Updated php packages to address buffer overflow issue
  • From: security
• Re: phpMyConferences <= 8.0.2 Remote File Inclusion
  • From: Steven M. Christey
• EUSecWest/London CFP extended to Nov. 7
  • From: Dragos Ruiu
• Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability
  • From: Stefan Esser
• RE: Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: Roger A. Grimes
• Re: Firefox 1.5.0.7 Exploit
  • From: Bram Dumolin
• RE: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)]
  • From: Richard Stanway
• Re: Firefox 1.5.0.7 Exploit
  • From: Robert McGrew
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)]
  • From: Taneli Leppä
• Re: how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)]
  • From: Taneli Leppä
• Educational write-up by Amit Klein: "A Refreshing Look at Redirection"
  • From: Amit Klein
• [USN-375-1] PHP vulnerability
  • From: Martin Pitt
• [security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS)
  • From: security-alert
• [SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass
  • From: Moritz Muehlenhoff
• iodine client 0.3.2 buffer overflow
  • From: poplix
• Firefox 1.5.0.7 Exploit
  • From: koenig
• Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability
  • From: Stefan Esser
• how to trick most of cms avatar upload filter [exemple for : RunCms (PoC)]
  • From: securfrog
• Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00
  • From: Nicob
• Internet Explorer 7 - Still Spyware Writers' Heaven
  • From: avivra
• [security bulletin] HPSBUX02091 SSRT061099 rev.2 - HP-UX Local Increased Privilege
  • From: security-alert
• [USN-374-1] wvWare vulnerability
  • From: Kees Cook
• [security bulletin] HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access
  • From: security-alert
• [security bulletin] HPSBUX02164 SSRT061265 rev.1 - HP-UX VirtualVault Running Apache 1.3.X Remote Denial of Service (DoS) and Arbitrary Code Execution
  • From: security-alert
• Re: PLS-Bannieres 1.21 (bannieres.php) File Include
  • From: Stefano Zanero
• [security bulletin] HPSBUX02172 SSRT061269 rev.1 - HP-UX VirtualVault running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access
  • From: security-alert
• rPSA-2006-0202-1 tshark wireshark
  • From: rPath Update Announcements
• Outpost Insufficient validation of 'SandBox' driver input buffer
  • From: Matousec - Transparent security Research
• tikiwiki 1.9.5 mysql password disclosure & xss
  • From: securfrog
• Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass
  • From: Cisco Systems Product Security Incident Response Team
• [USN-371-1] Ruby vulnerability
  • From: Kees Cook
• Asterisk Local and Remote Denial of Service vulnerability
  • From: sil
• [USN-373-1] mutt vulnerabilities
  • From: Kees Cook
• Re: phpLedAds 2.0(dir) File Include
  • From: Stefano Zanero
• Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
  • From: LegendaryZion
• [USN-370-1] screen vulnerability
  • From: Kees Cook
• Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: 3APA3A
• Re: Re: Simple Machines Forum (SMF) XSS issue
  • From: oldiesmann
• Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0
  • From: security
• iDefense Security Advisory 10.31.06: Sophos Anti-Virus Petite File Denial of Service Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.27.06: Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability
  • From: iDefense Labs
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: Daniel Veditz
• Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD"
  • From: LegendaryZion
• Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD"
  • From: LegendaryZion
• Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
  • From: LegendaryZion
• PHP-Nuke <= 7.9 Journal module (search.php) "forwhat" SQL Injection vulnerability
  • From: paisterist . nst
• [SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1201-1] New ethereal packages fix denial of service
  • From: Moritz Muehlenhoff
• Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: xxxx
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: Josh Bressers
• Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: Gouki
• Authentication bypass in BytesFall Explorer
  • From: RedTeam Pentesting
• Re: freenews---> fileinclude
  • From: pokley
• Re: freenews---> fileinclude
  • From: pokley
• New Flaw in Firefox 2.0: DoS and possible remote code execution
  • From: xxxx
• Sun java System Messenger Express XSS
  • From: handrix
• SQL Injection Vulnerability in bfExplorer 0.0.6
  • From: security
• [ MDKSA-2006:194 ] - Updated PostgreSQL packages fix vulnerabilities
  • From: security
• [ MDKSA-2006:193 ] - Updated ImageMagick packages fix vulnerabilities
  • From: security
• Hawking Technology wireless router WR254-CA DNS issue
  • From: Nikolai Grigoriev
• ActiveX security leaks in the TV owned web game platform
  • From: maxgipeh
• phpMyConferences <= 8.0.2 Remote File Inclusion
  • From: mfp . c
• ModSecurity 2.0, A Core Rule Set and Console now available
  • From: Ofer Shezaf
• Re: Free Rainbow Tables.com
  • From: Jerome Athias
• Re: Nucleus Core v3.23 - Remote File Include
  • From: Francesco Laurita
• Re: freenews---> fileinclude
  • From: Tamriel
• Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include
  • From: Tamriel
• [security bulletin] HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
  • From: security-alert
• [security bulletin] HPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution
  • From: security-alert
• [security bulletin] HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution
  • From: security-alert
• unreliable vulnerability reports en-masee [was:Re: vulnerability in Symantec products]
  • From: Gadi Evron
• Re: CentiPaid <= 1.4.2 [$class_pwd] Remote File Include
  • From: Francesco Laurita
• Multiple Remote File Include
  • From: firewall1954
• CORE FORCE R0.95 released!
  • From: CORE FORCE Team
• [ GLSA 200610-15 ] Asterisk: Multiple vulnerabilities
  • From: Raphael Marichez
• Metasploit Framework 2.7 Released
  • From: H D Moore
• opendocman <= 1.2p3 Bypass admin/user Login
  • From: k1tk4t
• [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability
  • From: erdc
• Punbb <= 1.2.13 Multiple Vulnerabilities
  • From: Nms
• Nucleus Core v3.23 - Remote File Include
  • From: firewall1954
• PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability
  • From: ajannhwt
• PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability
  • From: ajannhwt
• Simple Website Software v0.99 (common.php) Remote File Include
  • From: cw . cybersecurity
• Re: imageVue16.1 upload vulnerability
  • From: mjau
• [MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue
  • From: admin
• easy notes manager sql injection and authentication bypass
  • From: poplix
• freenews---> fileinclude
  • From: MoHaNdKo
• Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include
  • From: simo
• Re: vulnerability in Symantec products
  • From: jay.tomas
• SQL in WebWizForum by almaster hacker
  • From: almaster
• Back-end => 0.4.5 Remote File Include Vulnerability Exploit
  • From: h4ck3riran
• bbsNew => 2.0.1 Remote File Include Vulnerability Exploit
  • From: h4ck3riran
• Exporia => 0.3.0 Remote File Include Vulnerability Exploit
  • From: h4ck3riran
• CentiPaid <= 1.4.2 [$class_pwd] Remote File Include
  • From: firewall1954
• Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability
  • From: Matt Richard
• [OpenPKG-SA-2006.027] OpenPKG Security Advisory (wordpress)
  • From: OpenPKG
• [SECURITY] [DSA 1200-1] New Qt packages fix integer overflow
  • From: Noah Meyerhans
• [ GLSA 200610-14 ] PHP: Integer overflow
  • From: Raphael Marichez
• [ MDKSA-2006:191 ] - Updated screen packages fix vulnerability
  • From: security
• Re: Ban v0.1 (bannieres.php) File Include
  • From: Francesco Laurita
• [ MDKSA-2006:192 ] - Updated ruby packages fix DoS vulnerability
  • From: security
• [ MDKSA-2006:190 ] - Updated mutt packages fix multiple vulnerabilities
  • From: security
• [ MDKSA-2006:188 ] - Updated mono packages fix vulnerability
  • From: security
• Re: phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include
  • From: emme0032
• [ MDKSA-2006:189 ] - Updated xsupplicant fixes possible remote root stack smash vulnerability
  • From: security
• Microsoft .NET request filtering bypass vulnerability
  • From: research
• Hosting Controller 6.1 Hotfix <= 3.2 Vulnerability
  • From: playpacific . emulacaid
• Thepeak File Upload v1.3 : Read file vulneability
  • From: loveha
• Ban v0.1 (bannieres.php) File Include
  • From: mahmood ali
• phpAdsNew-2.0.8 <= (adlayer.php) Remote File Include
  • From: zooz_998
• [funsec] Haxdoor: UK Police Count 8, 500 Victims in Data Theft (So Far) (fwd)
  • From: Gadi Evron
• phpLedAds 2.0(dir) File Include
  • From: mahmood ali
• PLS-Bannieres 1.21 (bannieres.php) File Include
  • From: mahmood ali
• RFID enabled e-passport skimming proof of concept code released (RFIDIOt)
  • From: Adam Laurie
• GestArt <= vbeta 1 Remote File Include Vulnerabilities
  • From: ip . 123 . 456 . 78 . 90
• ArticleBeach Script <= 2.0 Remote File Inclusion Vulnerability
  • From: Bithedz
• PHP-Nuke <= 7.9 Search module "author" SQL Injection vulnerability
  • From: paisterist . nst
• UNISOR CMS sql injection
  • From: fireboy2006
• IE7 status: 8 days after release, 3 unfixed issues
  • From: Moritz Naumann
• SMF fgets off-by-one issue and filter size evasion
  • From: josecarlos . norte
• TextPattern <=1.19 Remote File Inclusion Vulnerability
  • From: Bithedz
• Re: [Full-disclosure] IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006
  • From: HASEGAWA Yosuke
• Re: IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006
  • From: Reversemode
• vulnerability in Symantec products
  • From: security
• [ GLSA 200610-13 ] Cheese Tracker: Buffer Overflow
  • From: Raphael Marichez
• Re: Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability
  • From: Christian Kalkhoff
• ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability
  • From: zdi-disclosures
• iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LFO Count Integer Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LVL Count Integer Overflow Vulnerability
  • From: iDefense Labs
• phpFaber CMS Cross Site Scripting
  • From: security
• Directory Traversal in TorrentFlux 2.1
  • From: Christopher
• Joomla extended_registration mod Remote File Include Vulnerabilities
  • From: crackers_child
• Insecure storage of passwords in Axalto Protiva
  • From: nnposter
• MiniBILL v2006-10-10 (config[page_dir] Remote File Include Vulnerability
  • From: xorontr
• MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues
  • From: Mayhemic Labs Security
• TSLSA-2006-0059 - postgresql
  • From: Trustix Security Advisor
• IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006
  • From: LIUDIEYU dot COM
• rPSA-2006-0198-1 screen
  • From: rPath Update Announcements
• [OpenPKG-SA-2006.026] OpenPKG Security Advisory (screen)
  • From: OpenPKG
• rPSA-2006-0195-2 kdelibs qt-x11-free
  • From: rPath Update Announcements
• [security bulletin] HPSBMA02133 SSRT061201 rev.2 - HP Oracle for OpenView (OfO) Critical Patch Update
  • From: security-alert
• iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox Lyrics3 v2.00 tags Heap Overflow Vulnerability
  • From: iDefense Labs
• Web-style Wireless IDS attacks
  • From: noreply
• iDefense Security Advisory 10.25.06: AOL YGPPDownload downloadFileDirectory ActiveX Control Heap Corruption Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.25.06: AOL YGPPDownload AddPictureNoAlbum ActiveX Control Heap Corruption Vulnerability
  • From: iDefense Labs
• Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability
  • From: erreale
• Re: phpMyConferences_8.0.2 Remote File Inclusion
  • From: Tamriel
• iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability
  • From: iDefense Labs
• [ MDKSA-2006:187 ] - Updated Qt packages fix vulnerability
  • From: security
• phpMyConferences_8.0.2 Remote File Inclusion
  • From: Outlaw
• [KAPDA::#61] - PacPoll <= 4.0 Multiple Vulnerabilities
  • From: farhadkey
• Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability
  • From: Gadi Evron
• Cisco Security Advisory: Cisco Security Agent for Linux Port Scan Denial of Service
  • From: Cisco Systems Product Security Incident Response Team
• [SECURITY] [DSA 1199-1] New webmin packages fix input validation problems
  • From: Noah Meyerhans
• ProgSys verion 0.151 XSS vulnerability
  • From: security
• Re: Application orders Linux in WebAPP v0.9.9.2.1
  • From: nicolascamino
• [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities
  • From: vulnpost-remove
• who needs a server ...
  • From: auto113922
• CSLH2.9.9 Remote File Include Vulnerabilities
  • From: crackers_child
• adobe php sdk Remote File Include Vulnerabilities
  • From: crackers_child
• InteliEditor (sys_path) Remote File Include Vulnerability
  • From: xorontr
• Re: adobe php sdk Remote File Include Vulnerabilities
  • From: Mailinglists Address
• [ GLSA 200610-10 ] ClamAV: Multiple Vulnerabilities
  • From: Raphael Marichez
• [ GLSA 200610-11 ] OpenSSL: Multiple vulnerabilities
  • From: Raphael Marichez
• [ GLSA 200610-12 ] Apache mod_tcl: Format string vulnerability
  • From: Raphael Marichez
• Month of Kernel Bugs and fsfuzzer release (0.6)
  • From: L.M.H.
• Re: Smarty-2.6.1 Remote File Include Vulnerabilities
  • From: J. Carlos Nieto
• Modify Data via Inline Views
  • From: ak
• Symantec Product Security: Symantec Device Driver Elevation of Privileg
  • From: secure
• [SECURITY] [DSA 1198-1] New python2.3 packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• INCA IM-204 Dsl several vulnerabilities
  • From: crackers_child
• WikiNi Multiple Cross Site Scripting Vulnerabilities
  • From: raphael . huck
• Application orders Linux in WebAPP v0.9.9.2.1
  • From: the_free_kernel
• Multiple HTTP response splitting vulnerabilities in SHOP-SCRIPT
  • From: Debasis Mohanty
• Re: [Full-disclosure] hack.lu Bluetooth demo
  • From: Thierry Zoller
• SQL Injection in Oracle package MDSYS.SDO_LRS
  • From: ak
• SQL Injection in package SYS.DBMS_CDC_IMPDP
  • From: ak
• SQL Injection in package XDB.DBMS_XDBZ0
  • From: ak
• SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL
  • From: ak
• hack.lu Bluetooth demo
  • From: K F (lists)
• Various Cross-Site-Scripting Vulnerabilities in Oracle Reports
  • From: ak
• http://www.red-database-security.com/advisory/oracle_apex_css_notification_msg.html
  • From: ak
• Cross-Site-Scripting Vulnerability in Oracle APEX WWV_FLOW_ITEM_HELP
  • From: ak
• SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES
  • From: ak
• Smarty-2.6.1 Remote File Include Vulnerabilities
  • From: crackers_child
• Flaw in Firefox 2.0 Final
  • From: mike
• D-Link DSL-G624T several vulnerabilities
  • From: jose . palanco
• [PHPADSNEW-SA-2006-002] phpAdsNew and phpPgAds 2.0.8-pr1 fix XSS vulnerability
  • From: Matteo Beccati
• -==PHP Nuke <= 7.9 SQL Injection and Bypass SQL Injection Protection vulnerabilities==-
  • From: paisterist . nst
• [SECURITY] [DSA 1197-1] New python2.4 packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• Re: Simple Machines Forum (SMF) XSS issue
  • From: RSnake
• AROUNDMe 0.6.9 remonte file inclusion
  • From: noislet . nospam
• PHP Generator of Object SQL Database (path) Remote File Include Vulnerability
  • From: xorontr
• WHM 10.8.0 cPanel 10.9.0 R50 CentOS 4.4 i686 WHM X v3.1.0 Xss Vulnerability
  • From: crackers_child
• speedberg <= 1.2beta1 Remote File Inclusion
  • From: k1tk4t
• XSS in Zwahlen Online Shop
  • From: MC Iglo
• iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.21.06: Novell eDirectory NCP over IP length Heap Overflow Vulnerability
  • From: iDefense Labs
• iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability
  • From: iDefense Labs
• IPEER Remote file inclusion
  • From: navairum
• trawler <= 1.8.1 Remote File Inclusion
  • From: k1tk4t
• RMSOFT Cross Site Scripting
  • From: FREAK_PR
• [ GLSA 200610-09 ] libmusicbrainz: Multiple buffer overflows
  • From: Matthias Geerdsen
• [USN-368-1] Qt vulnerability
  • From: Martin Pitt
• Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability
  • From: Steven M. Christey
• Virtual Law Office (phpc_root_path) Remote File Include Vulnerability
  • From: xorontr
• Hustle Labs & MNIN eDirectory Vulnerability
  • From: Ryan Smith
• Open Meetings Filing Application (PROJECT_ROOT) Remote File Include Vulnerability
  • From: xorontr
• Re: Simple Machines Forum (SMF) XSS issue
  • From: mrapples
• [OpenPKG-SA-2006.025] OpenPKG Security Advisory (drupal)
  • From: OpenPKG
• Re: Flaw in Firefox 2.0 RC2
  • From: Jure Pečar
• PHPLibrary-1.5.3(Description.php) Remote File Include
  • From: arab_anaconda
• Advisory for Oneorzero helpdesk
  • From: Mike Klingler
• [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation
  • From: Reversemode
• PHP Poll Creator 1.04 (poll_vote.php)File Include
  • From: mahmood ali
• [security bulletin] HPSBTU02163 SSRT061223 rev.1 - HP Tru64 UNIX Running dtmail, Local Execution of Arbitrary Code
  • From: security-alert
• [ GLSA 200610-08 ] Cscope: Multiple buffer overflows
  • From: Raphael Marichez
• PHP Classifieds 7.1 - Remote File Include Vulnerability
  • From: Le . CoPrA
• Simple Machines Forum (SMF) XSS issue
  • From: josecarlos . norte
• HPSBUX02162 SSRT061223 rev.1 - HP-UX Running dtmail, Local Execution of Arbitrary Code
  • From: security-alert
• [KAPDA::#60] Mambo V4.6.x vulnerabilities
  • From: alireza hassani
• [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED)
  • From: Williams, James K
• Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability
  • From: abel . andrade
• Re: PHP "exec", "system", "popen" (+small POC)
  • From: Bernhard Mueller
• RE: Flaw in Firefox 2.0 RC2
  • From: Sean Warnock
• Multiple XSS Vulnerabilities in KnowledgeBank 1.01
  • From: security
• Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
  • From: neothermic
• ATutor 1.5.3.2=> Remote File Include Vulnerability
  • From: subzero . 0000
• [DRUPAL-SA-2006-025] Drupal 4.6.10 / 4.7.4 fixes CRF issue
  • From: Uwe Hermann
• KICS CMS sql injection
  • From: fireboy2006
• [SECURITY] [DSA 1196-1] New clamav packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• ERRATA: [ GLSA 200610-07 ] Python: Buffer Overflow
  • From: Raphael Marichez
• [DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues
  • From: Uwe Hermann
• [DRUPAL-SA-2006-026] Drupal 4.6.10 / 4.7.4 fixes HTML attribute injection issue
  • From: Uwe Hermann
• DigitalHive 2.0 RC2 (base_include.php)File Include
  • From: mahmood ali
• Re: phpAdsNew include bug!
  • From: matteo
• [USN-367-1] Pike vulnerability
  • From: Kees Cook
• UltraCMS 0.9 sql injection
  • From: fireboy2006
• Re: Flaw in Firefox 2.0 RC2
  • From: Mark A Basil
• Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities
  • From: Stefan Esser
• Re: Flaw in Firefox 2.0 RC2
  • From: Lubomir Kundrak
• iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability
  • From: iDefense Labs
• [security bulletin] HPSBST02161 SSRT061264 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-056 Through MS06-065
  • From: security-alert
• TORQUE Spool Job Race condition (torque <= 2.0.0p8)
  • From: Luís Miguel Silva
• RE: Flaw in Firefox 2.0 RC2
  • From: Aras "Russ" Memisyazici
• [Xss] IN SMF 1.1 RC2
  • From: the_free_kernel
• SQL Injection simplog
  • From: navairum
• Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit
  • From: theif
• [OpenPKG-SA-2006.024] OpenPKG Security Advisory (asterisk)
  • From: OpenPKG
• [ MDKSA-2006:186 ] - Updated kdelibs packages fix KHTML vulnerability
  • From: security
• PHP "exec", "system", "popen" problem
  • From: Дмитрий Borgir
• rPSA-2006-0195-1 kdelibs
  • From: rPath Update Announcements
• [USN-366-1] binutils vulnerability
  • From: Kees Cook
• Security-Assessment.com Advisory: Asterisk remote heap overflow
  • From: Adam Boileau
• Re: PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit
  • From: str0ke
• Static fmat exploits with random va
  • From: root
• Re: Flaw in Firefox 2.0 RC2
  • From: arny
• Secunia Research: IBM Lotus Notes Insecure Default Folder Permissions
  • From: Secunia Research
• Secunia Research: Joomla BSQ Sitestats Script Insertion and SQL Injection
  • From: Secunia Research
• Re: Flaw in Firefox 2.0 RC2
  • From: Paul Schmehl
• {x0n3-h4ck} DEV Web Manager System <= 1.5 XSS Exploit
  • From: corrado . liotta
• Re: Utimaco Safeguard Easy vulnerability
  • From: Juha-Matti Laurio
• Airmagnet management interfaces multiple vulnerabilities
  • From: noreply
• Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint management interface
  • From: noreply
• Call for Papers - First International Workshop on Secure Software Engineering (SecSE 2007)
  • From: Lillian Røstad
• PHPRecipeBook <= 2.35 ((g_rb_basedir)) Remote File Include Exploit
  • From: CarcaBotx
• PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
  • From: mahmood ali
• CS-Forum 0.82 (ajouter.php) Remote File Include Vulnerability
  • From: mahmood ali
• TSLSA-2006-0057 - multi
  • From: Trustix Security Advisor
• Analysis of the Oracle October 2006 Critical Patch Update
  • From: David Litchfield
• [ECHO_ADV_46$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion
  • From: erdc
• zorum_3_5 <=(dbproperty.php) Remote File Inclusion Exploit
  • From: MoHaNdKo
• Re: Flaw in Firefox 2.0 RC2
  • From: Shane Lahey
• Simplog 0.9.3.1 SQL Injection
  • From: disfigure
• Boonex Dolphin 5.2 Remote File Inclusion
  • From: disfigure
• Comdev One Admin 4.1 Remote File Inclusion
  • From: disfigure
• Re: phpAdsNew include bug!
  • From: Wim Godden
• [ MDKSA-2006:185 ] - Updated php packages to address multiple vulnerabilities
  • From: security
• [ MDKSA-2006:184 ] - Updated clamav packages fix vulnerabilities
  • From: security
• Re: Flaw in Firefox 2.0 RC2
  • From: jm
• Re: Flaw in Firefox 2.0 RC2
  • From: Eliah Kagan
• [ MDKSA-2006:183 ] - Updated libksba packages correct DoS vulnerability
  • From: security
• iDefense Security Advisory 10.17.06: Opera Software Opera Web Browser URL Parsing Heap Overflow Vulnerability
  • From: iDefense Labs
• Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin
  • From: advisory
• [ GLSA 200610-07 ] Python: Buffer Overflow
  • From: Raphael Marichez
• rPSA-2006-0194-1 kernel
  • From: rPath Update Announcements
• phpAdsNew include bug!
  • From: wacky
• [ GLSA 200610-06 ] Mozilla Network Security Service (NSS): RSA signature forgery
  • From: Raphael Marichez
• [ GLSA 200610-05 ] CAPI4Hylafax fax receiver: Execution of arbitrary code
  • From: Raphael Marichez
• Re: Flaw in Firefox 2.0 RC2
  • From: Jose Nazario
• [security bulletin] HPSBUX02155 SSRT061235 rev.2 HP-UX CIFS Server (Samba) Local Unauthorized Access, Elevated Privileges
  • From: security-alert
• Flaw in Firefox 2.0 RC2
  • From: Mike
• [ECHO_ADV_55$2006]Phpmybibli <=2.1 Multiple Remote File Inclusion Vulnerability
  • From: erdc
• [OpenPKG-SA-2006.023] OpenPKG Security Advisory (php)
  • From: OpenPKG
• TorrentFlux user_id Script Insertion
  • From: 3cab7cc7
• TorrentFlux file Script Insertion
  • From: 3cab7cc7
• TorrentFlux action Script Insertion
  • From: 3cab7cc7
• Re: Directory Traversal Vulnerability in Goop Gallery 2.0.2
  • From: gene
• PR06-03b: F5 Firepass 1000 SSL VPN version 5.5 vulnerable to Cross-Site Scripting
  • From: research
• [USN-365-1] libksba vulnerability
  • From: Kees Cook
• [Xss] IN phplist v 2.10.2,
  • From: the-free_kernel
• Re: vbulletin Exploit Tool Box
  • From: scottREMOVE
• About.com contact
  • From: C. Hamby
• Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability
  • From: Stefan Esser
• PHP Forge 3b2 (/inc/inc.php) Remote File Include Vulnerability
  • From: mahmood ali
• patchlodel-0.7.3 - Remote File Include Vulnerabilities
  • From: erne
• Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux
  • From: advisory
• iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV rebuildpe Heap Overflow Vulnerability
  • From: iDefense Labs
• Full Path Disclosure in PHP-Wyana (2)
  • From: xx_hack_xx_2004
• iDefense Security Advisory 10.15.06: Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability
  • From: iDefense Labs
• osprey 1.0 (ListRecords.php) Remote File Include Vulnerability
  • From: KaBaRa . HaCk . eGy
• [ GLSA 200610-04 ] Seamonkey: Multiple vulnerabilities
  • From: Raphael Marichez
• [USN-364-1] Xsession vulnerability
  • From: Kees Cook
• WebYep-1.1.9 - Remote File Include Vulnerabilities
  • From: erne
• MOStlyCEV454 - Remote File Include Vulnerabilities
  • From: erne
• VoMM: Taking browser exploits to the next level
  • From: avivra
• :ShAnKaR: WoltLab Burning Book <=1.1.2 multiple vulnerabilities
  • From: 3APA3A
• Full Path Disclosure in PHP-Wyana
  • From: xx_hack_xx_2004
• maintain-3.0.0-RC2 - Remote File Include Vulnerabilities
  • From: erne
• Back-end ( File Include Vulnerability Exploit )
  • From: h4ck3riran
• vbulletin Exploit Tool Box
  • From: [dot]
• SYMSA-2006-010: Directory Traversal in IronWebMail
  • From: research
• bbsNew ( File Include Vulnerability Exploit )
  • From: h4ck3riran
• Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2
  • From: mkanat
• Kmail <= 1.9.1 (table/frameset) DOS
  • From: nnp
• Re: [Full-disclosure] Kmail <= 1.9.1 (table/frameset) DOS
  • From: Vidar Løkken
• Re: @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit
  • From: ptitgal
• ISS BlackICE PC Protection Filelock protection bypass Vulnerability
  • From: Matousec - Transparent security Research
• Re: yet another OpenSSH timing leak?
  • From: Marco Ivaldi
• Spoofing security dialog in object packager - 2
  • From: seejay . 11
• Jinzora 2.6 - Remote File Include Vulnerabilities
  • From: erne
• Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5
  • From: security
• WDT:- osTicket File Include all V
  • From: stormhacker
• Re: Jax LinkLists Remote File include
  • From: xorontr
• Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing
  • From: edubp2002
• Re: DanPHPSupport => 0.5 Cross Site Scripting Vulnerabilities
  • From: dansoftaus
• Multiple XSS Vulnerability in Gcontact
  • From: security
• Re: iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability
  • From: Marco Ivaldi
• EXlor 1.0 (/fonctions/template.php) Remote File Include Vulnerability
  • From: mahmood ali
• @lex Guestbook <=(ModeliXe.php) Remote File Inclusion Exploit
  • From: xp1o
• iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability
  • From: iDefense Labs
• Utimaco Safeguard Easy vulnerability
  • From: boomboom999
• Buzlas <= v2006-1 Full Remote File Include Vulnerability
  • From: nima . salehi
• PHP Top webs (config.php) Remote File Inclue Vulnerability
  • From: Le . CoPrA
• PhpBB Prillian French Remote File Include Vulnerability
  • From: nima . salehi
• RPG Events 1.0.0 Remote File Include Vulnerability
  • From: nima . salehi
• phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability
  • From: nima . salehi
• AMAZONIA MOD Remote File Include Vulnerability
  • From: nima . salehi
• news defilante horizontale <= 4.1.1 Remote File Include Vulnerability
  • From: nima . salehi
• maluinfo version 206.2.38l Remote File Include Vulnerability
  • From: nima . salehi
• SpamOborona PHPBB Plugin Remote File Include Vulnerability
  • From: nima . salehi
• phpBB Add Name Remote File Include Vulnerability
  • From: nima . salehi
• phpMyConferences <= 8.0.2 Remote File Inclusion
  • From: k1tk4t
• MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability
  • From: Le . CoPrA
• Jax LinkLists Remote File include
  • From: dj_remix_20
• pbpbb archive for search engines Remote File Include Vulnerability
  • From: nima . salehi
• TorrentFlux startpop.php torrent Script Insertion
  • From: 566d9bfe
• [SECURITY] [DSA 1166-2] New cheesetraceker packages fix buffer overflow
  • From: Steve Kemp
• Jax Newspage Remote File include
  • From: dj_remix_20
• news7 <= (news.php) Remote File Inclusion Exploit
  • From: xp1o
• PHPht Topsites Remote File &#304;nclude
  • From: By_KorsaN_Son
• phpBB Security <= 1.0.1 Remote File Include Vulnerability
  • From: nima . salehi
• Bloq 0.5.4 Remote File &#304;nclude
  • From: By_KorsaN_Son
• PHP Cards <= 1.3 Remote File Inclue Vulnerability
  • From: Le . CoPrA
• ISOI II - a DA Workshop (announcement and CFP)
  • From: Gadi Evron
• phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability
  • From: nima . salehi
• Download-Engine Remote File &#304;nclude
  • From: By_KorsaN_Son
• SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability
  • From: nima . salehi
• CMS contenido Path Disclosure
  • From: CvIr . System
• Morcego CMS <= 0.9.6 Remote File Inclue Vulnerability
  • From: Le . CoPrA
• PacSec Hype Security Team: CGI.pm param injection
  • From: Dragos Ruiu
• RamaCMS (adodb.inc.php) Remote File Inclue Vulnerability
  • From: Le . CoPrA
• [security bulletin] HPSBST02134 SSRT061187 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-052, MS06-053 and MS06-054
  • From: security-alert
• [security bulletin] HPSBST02160 SSRT061254 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS06-055
  • From: security-alert
• CMS contenido Remote File Inclusion
  • From: CvIr . System
• Mcafee Network Agent (mcnasvc.exe) Remote DoS
  • From: Alexander Hristov
• Open Conference Systems <= 1.1.3 Remote File Inclusion
  • From: k1tk4t
• Google Earth (kml & kmz files) buffer overflow
  • From: Alexander Hristov
• Phpbb insert mod Remote file include
  • From: By_KorsaN_Son
• Black Hat CFP, Registration, and Announcements for October
  • From: Jeff Moss
• Download-Engine Remote File Include
  • From: v1per-hacker
• Security Suite IP Logger Remote File Inclusion
  • From: ReeM_HaCk
• Iono all version fullpath disclosure
  • From: hack2prison
• Admin User Viewed Posts Tracker Remote File Include Vulnerability
  • From: nima . salehi
• Journals System <= 1.0.2 [RC2] Remote File Include Vulnerability
  • From: nima . salehi
• Cisco Security Advisory: Default Password in Wireless Location Appliance
  • From: Cisco Systems Product Security Incident Response Team
• ExtCalThai_Component <= 0.9.1 Remote File Inclusion
  • From: k1tk4t
• [security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege
  • From: security-alert
• Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities
  • From: Tamriel
• XeoPort <= 0.81 SQL Injection Vulnerability
  • From: Tamriel
• MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues
  • From: Mayhemic Labs Security
• SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability
  • From: Research
• MS06-060 Microsoft Word Memmove Code Execution
  • From: Avert
• iDefense Security Advisory 10.11.06: Sun Microsystems Solaris NSPR Library Arbitrary File Creation Vulnerability
  • From: iDefense Labs
• new version of phplist fix XSS vulnerability
  • From: info
• iDefense Security Advisory 10.11.06: AOL YGPPDownload SetAlbumName ActiveX Control Buffer Overflow Vulnerability
  • From: iDefense Labs
• zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities
  • From: raphael . huck
• [ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs
  • From: security
• Re: gcards (languagefile) <= Remote File Include
  • From: str0ke
• AlberT-EasySite <= 1.0.a5 Remote File Inclusion
  • From: k1tk4t
• CommunityPortals <= 1.0 Remote File Include Vulnerability
  • From: nima . salehi
• Re: phpWebSite 0.10.2 Remote File Include Vulnerabilities
  • From: kevin
• New tool release today - "wyd" - password profiling
  • From: Max Moser
• Noah's Classifieds Cross Site Scripting Vulnerability
  • From: raphael . huck
• gcards (languagefile) <= Remote File Include
  • From: D-virus
• Jinzora <= 2.1 Remote File Inclusion
  • From: k1tk4t
• [USN-363-1] libmusicbrainz vulnerability
  • From: Kees Cook
• Secunia Research: Microsoft Windows Object Packager Dialog Spoofing
  • From: Secunia Research
• MysqlDumper Version 1.21 b6 Xss Vulnerability
  • From: crackers_child
• Microsoft Office Malformed Record Memory Corruption Vulnerability
  • From: Sowhat
• ShmooCon 2006 CFP Announcement
  • From: B Potter
• Directory Traversal Vulnerability in Goop Gallery 2.0.2
  • From: security
• rPSA-2006-0187-1 idle python
  • From: rPath Update Announcements
• Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
  • From: Steven M. Christey
• [ MDKSA-2006:181 ] - Updated python packages fix vulnerability
  • From: security
• iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability
  • From: iDefense Labs
• pacsec hype security team: 7 words of warning about Macromedia Flash Player 9+
  • From: Dragos Ruiu
• blueshoes <= 4.6_public Remote File Inclusion
  • From: k1tk4t
• claroline <= 180rc1 Remote File Inclusion
  • From: k1tk4t
• tagit2b -- Remote File Inclusion
  • From: k1tk4t
• PHPLibrary <= 1.5.3 Remote File Inclusion
  • From: k1tk4t
• [SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service
  • From: Noah Meyerhans
• Re: yet another OpenSSH timing leak?
  • From: Marco Ivaldi
• [Fedora] libtool-ltdl uses relative paths to resolve and load libraries
  • From: Enrico Scholz
• [USN-362-1] PHP vulnerabilities
  • From: Martin Pitt
• ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability
  • From: zdi-disclosures
• ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability
  • From: zdi-disclosures
• ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability
  • From: zdi-disclosures
• [security bulletin] HPSBUX02087 SSRT4728 rev.4 - HP-UX running TCP/IP Remote Denial of Service (DoS)
  • From: security-alert
• MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
  • From: Mayhemic Labs Security
• Re: yet another OpenSSH timing leak?
  • From: Gianluca Varisco
• eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities
  • From: Tamriel
• Re: The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
  • From: str0ke
• phpWebSite 0.10.2 Remote File Include Vulnerabilities
  • From: crackers_child
• MS Windows DRM software Memory Corruption
  • From: Joxean Koret
• [ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability
  • From: erdc
• 7 php scripts File Inclusion / Source disclosure Vuln
  • From: gmdarkfig
• [USN-360-1] awstats vulnerabilities
  • From: Martin Pitt
• [USN-361-1] Mozilla vulnerabilities
  • From: Martin Pitt
• Re: net2ftp: a web based FTP client :) <= Remote File Inclusion
  • From: Steven M. Christey
• [SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• yet another OpenSSH timing leak?
  • From: Marco Ivaldi
• [ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability
  • From: erdc
• Cisco Security Advisory: Limitations in Cisco Secure Desktop
  • From: Cisco Systems Product Security Incident Response Team
• [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability
  • From: erdc
• SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059)
  • From: Ludwig Nussel
• Re: [Full-disclosure] SQL injection - moodle
  • From: scsantos@unigranrio com br
• HITBSecConf2006 CTF Source code and daemons
  • From: Praburaajan
• SQL injection - moodle
  • From: disfigure
• SQL injection - 4images
  • From: disfigure
• Freenews v1.1 <= (chemin) Remote File Include Vulnerability
  • From: xorontr
• PHP open_basedir with symlink() function Race Condition PoC exploit
  • From: paisterist . nst
• XSS IN paFileDB 3.1
  • From: zarloule04
• [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability
  • From: erdc
• PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability
  • From: xorontr
• Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow
  • From: Stefan Esser
• [ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability
  • From: erdc
• Advanced Poll v2.02 :) <= Remote File Inclusion
  • From: alguidy
• [ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability
  • From: erdc
• Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]
  • From: Gadi Evron
• The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
  • From: xp1o
• JavaScript Spider (code that can traverse the web)
  • From: pdp (architect)
• RE: Informing Companies about security vulnerabilities...
  • From: Wolf Halton
• Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws
  • From: Mailinglists Address
• RE: Informing Companies about security vulnerabilities...
  • From: Arian J. Evans
• PHP Live! <= 3.1 help.php Remote File Inclusion vulnerability
  • From: paisterist . nst
• RE: Informing Companies about security vulnerabilities...
  • From: bugtraq
• Re: Security contact for Myspace/Fox?
  • From: Juha-Matti Laurio
• Observations on Mandatory Integrity Control (MIC) in Windows Vista
  • From: Enno Rey
• Re: Invision Power Board Multiple Vulnerabilities
  • From: Rapigator
• Sorry....My Message With Out Live Site....
  • From: Dr . Ninux
• Cahier de textes 2.0 Remote SQL injection Exploit
  • From: sami
• LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • From: advisories
• phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability
  • From: x0r0n
• FreeForum 0.9.7 (fpath) Remote File Include Vulnerability
  • From: x0r0n
• LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • From: advisories
• Vulnerability in Btitracker
  • From: aeroxteam
• LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • From: advisories
• Re: WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit
  • From: Steven M. Christey
• Re: net2ftp Remote File Inclusion - bogus report
  • From: david
• [ GLSA 200610-03 ] ncompress: Buffer Underflow
  • From: Raphael Marichez
• phponline <= (LangFile) Remote File Inclusion Exploit
  • From: xp1o
• Emek Portal v2.1 SQL Injection
  • From: dj_remix_20
• Details of Lotus Notes Java Applet vulnerabilities
  • From: Jouko Pynnonen
• FreeWPS File Upload Command Execution
  • From: security
• rPSA-2006-0182-1 php php-mysql php-pgsql
  • From: rPath Update Announcements
• TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities
  • From: TSRT
• rPSA-2006-0185-1 gnome-ssh-askpass openssh openssh-client openssh-server
  • From: rPath Update Announcements
• rPSA-2006-0183-1 nss_ldap
  • From: rPath Update Announcements
• TSRT-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability
  • From: TSRT
• [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities
  • From: Williams, James K
• [Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation
  • From: Reversemode
• ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability
  • From: zdi-disclosures
• ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability
  • From: zdi-disclosures
• ackerTodo 4.2 SQL Injection Vulnerability
  • From: Francesco Laurita
• phpMyTeam v2.0 <= (smileys_dir) Remote File Include Vulnerability
  • From: x0r0n
• ezmlm warning
  • From: bugtraq-help
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Josh Bressers
• [USN-359-1] Python vulnerability
  • From: Martin Pitt
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Nick Boyce
• TorrentFlux User-Agent XSS Vulnerability
  • From: sec
• TSLSA-2006-0055 - multi
  • From: Trustix Security Advisor
• [SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities
  • From: Martin Schulze
• SUSE Security Summary Report SUSE-SR:2006:024
  • From: Thomas Biege
• Hazir Site v2.0 Admin SQL Injection
  • From: dj_remix_20
• Vulnerable function in newest PowerPoint case (MS Advisory #925984)
  • From: Juha-Matti Laurio
• [ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability
  • From: security
• iDefense Security Advisory 10.05.06: Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability
  • From: iDefense Labs
• [SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities
  • From: Martin Schulze
• Re: Concurrency-related vulnerabilities in browsers - expect problems
  • From: Mike
• WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit
  • From: xp1o
• Vulnerability Type Distributions in CVE
  • From: Steven M. Christey
• [ GLSA 200610-02 ] Adobe Flash Player: Arbitrary code execution
  • From: Matthias Geerdsen
• [SECURITY] [DSA 1190-1] New maxdb-7.5.00 packages fix execution of arbitrary code
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code
  • From: Moritz Muehlenhoff
• [ GLSA 200610-01 ] Mozilla Thunderbird: Multiple vulnerabilities
  • From: Matthias Geerdsen
• Invision Power Board Multiple Vulnerabilities
  • From: Rapigator
• [USN-357-1] Mono vulnerability
  • From: Martin Pitt
• [USN-353-2] OpenSSL vulnerability
  • From: Martin Pitt
• [USN-358-1] ffmpeg, xine-lib vulnerabilities
  • From: Martin Pitt
• Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]
  • From: Alexander Sotirov
• Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]
  • From: Gadi Evron
• Yener Haber Script v2.0 SQL injection
  • From: dj_remix_20
• Directory Traversal Vulnerability in Goop Gallery 2.0.2
  • From: security
• [SECURITY] [DSA 1188-1] New mailman packages fix several problems
  • From: Martin Schulze
• [ MDKSA-2006:179 ] - Updated openssh packages fix DoS vulnerabilities
  • From: security
• Advisory 08/2006: PHP open_basedir Race Condition Vulnerability
  • From: Stefan Esser
• [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability
  • From: Williams, James K
• phpMyProfiler remote file include
  • From: mozi2weed
• iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability
  • From: iDefense Labs
• PacSec 2006 Papers announcement and EUSecWest Call For Papers
  • From: Dragos Ruiu
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053])
  • From: Paul Szabo
• Security flaw in IBM Client Security Password Manager
  • From: Luís Miguel Silva
• Re: WebspotBlogging => 3.0 Remote File Include Vulnerabilities
  • From: Steven M. Christey
• [ MDKSA-2006:178 ] - Updated ntp packages rebuilt against updated openssl.
  • From: security
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053])
  • From: Paul Szabo
• [ MDKSA-2006:177 ] - Updated MySQL packages rebuilt against updated openssl.
  • From: security
• [ MDKSA-2006:172-1 ] - Updated openssl packages fix vulnerabilities
  • From: security
• [SECURITY] [DSA 1185-2] New openssl packages fix arbitrary code execution
  • From: Noah Meyerhans
• [security bulletin] HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access
  • From: security-alert
• FreeBSD Security Advisory FreeBSD-SA-06:22.openssh
  • From: FreeBSD Security Advisories
• Re: net2ftp: a web based FTP client :) <= Remote File Inclusion
  • From: securfrog
• Re: WebCalendar-1.0.3 reading of any files
  • From: webcalendar
• Portable shell-exploit for buffer-overflow bugs
  • From: Roman Medina-Heigl Hernandez
• Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]
  • From: Eiji James Yoshida
• Security contact for Myspace/Fox?
  • From: E Mintz
• [USN-354-1] Firefox vulnerabilities
  • From: Martin Pitt
• Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053])
  • From: Brian Eaton
• digishop v 4.0.0 Xss Vuln.
  • From: meto5757
• [USN-356-1] gdb vulnerability
  • From: Martin Pitt
• [USN-355-1] openssh vulnerabilities
  • From: Martin Pitt
• "POC 2006" by Korean hackers
  • From: securityproof
• IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053])
  • From: Paul Szabo
• [security bulletin] HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation
  • From: security-alert
• Dayfox Blog v2.0 Remote file include
  • From: dj_remix_20
• Pebble 2.0.0 RC[1,2] XSS vulnerability
  • From: Paolo Perego
• Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability
  • From: David Matousek
• IBM Informix Dynamic Server V10.0 File Clobbering during Install
  • From: Larry Cashdollar
• [OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh)
  • From: OpenPKG
• EasyBannerFree (functions.php) Remote File Include Exploit
  • From: las_kid
• phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability
  • From: x0r0n
• Layered Defense Advisory: TrendMicro OfficesScan Corporate Edition Format String Vulnerability
  • From: dh
• zero-day flaws in Firefox: about 30 unpatched Firefox flaws
  • From: ragan
• 0day in Firefox from ToorCon '06
  • From: Thor Larholm
• Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities
  • From: Stefan Esser
• ZERT patch for setSlice()
  • From: Gadi Evron
• phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2)
  • From: x0r0n
• Yblog => Cross Site Scripting
  • From: h4ck3riran
• OlateDownload 3.4.0 Multiple Vulnerabilities
  • From: no-reply
• [SECURITY] [DSA 1186-1] New cscope packages fix arbitrary code execution
  • From: Moritz Muehlenhoff
• [SECURITY] [DSA 1187-1] New migrationtools packages fix denial of service
  • From: Moritz Muehlenhoff
• setSlice exploited in the wild - massively
  • From: Gadi Evron
• Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability
  • From: ozkan . aziz
• rPSA-2006-0176-1 openldap openldap-clients openldap-servers
  • From: rPath Update Announcements
• Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation
  • From: Matasano Advisories
• rPSA-2006-0175-2 openssl openssl-scripts
  • From: rPath Update Announcements
• Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow)
  • From: Alexander Sotirov
• [ MDKSA-2006:176 ] - Updated xine-lib packages fix buffer overflow vulnerabilities
  • From: security
• [ MDKSA-2006:175 ] - Updated mplayer packages fix buffer overflow vulnerabilities
  • From: security
• [ MDKSA-2006:174 ] - Update gstreamer-ffmpeg packages fix buffer overflow vulnerabilities
  • From: security
• [ MDKSA-2006:173 ] - Updated ffmpeg packages fix buffer overflow vulnerabilities
  • From: security
• Re: [Full-disclosure] VML Exploit vs. AV/IPS/IDS signatures
  • From: SanjayR
• Sql injection in PostNuke [Admin section]
  • From: Omid
• Advisory 06/2006: PHProjekt (Remote) Include Vulnerabilities
  • From: Stefan Esser
• UBB.threads Multiple input validation error
  • From: security
• [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues
  • From: admin
• FreeBSD Security Advisory FreeBSD-SA-06:23.openssl [REVISED]
  • From: FreeBSD Security Advisories
• Secunia Research: Joomla BSQ Sitestats Component Multiple Vulnerabilities
  • From: Secunia Research
• TSLSA-2006-0054 - multi
  • From: Trustix Security Advisor
• Re: ssLinks <=v1.22 Multiple SQL Injection Vulnerabilities
  • From: rip
• rPSA-2006-0175-1 openssl openssl-scripts
  • From: rPath Update Announcements
• [ MDKSA-2006:172 ] - Updated openssl packages fix vulnerabilities
  • From: security
• MkPortal UrloBox Increment Zize Desfiguration
  • From: vannovax
• [ MDKSA-2006:171 ] - Updated openldap packages fixes ACL vulnerability
  • From: security
• [ GLSA 200609-19 ] Mozilla Firefox: Multiple vulnerabilities
  • From: Matthias Geerdsen
• Re: xxs in MKPortal M1.1
  • From: security
• [ MDKSA-2006:157-1 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities
  • From: security
• [ GLSA 200609-20 ] DokuWiki: Shell command injection and Denial of Service
  • From: Matthias Geerdsen
• Re: [Full-disclosure] VML Exploit vs. AV/IPS/IDS signatures
  • From: Pukhraj Singh