Bugtraq
- file include exploits in mcGuestbook 1.3
- Re: PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities
- Oracle DBMS_STANDARD security problem
- PhpMyFactures 1.0 Cross Site Scripting, SQL Injection, Full Path Disclosure and others
- GamePlay.co.uk XSS
- RE: Windows Software Restriction Policy Protection Bypass
- Chipmailer <= 1.09 Multiple Vulnerabilities
- RE: Dell Openmanage CD Vulnerability
- iDefense Security Advisory 06.13.06: Windows Media Player PNG Chunk Decoding Stack-Based Buffer Overflow
- REMOTE FILE INCLUSION ( ALL )
- blur6ex <= 0.3.462 'ID' blind sql injection
- Re: PHP-Nuke <= 7.9 Search XSS Vulnerability
- Re: vbulletin.com Multiple XSS Vulnerabilities
- TikiWiki Sql injection & XSS Vulnerabilities
- From: bug@xxxxxxxxxxxxxxx
- Web-CMS <<--1.0 "print.php" SQL injection
- [REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock.
- Re: Simpnews <= All version - Remote File Include Vulnerabilities
- # MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc.
- [REVERSEMODE ADVISORY] MS06-030 - Microsoft Mrxsmb.sys privilege escalation advisory
- Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities
- Re: Shoutpro 1.0 Version - Remote File Include Vulnerability
- iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS
- S H O U T B O X (v1.5) Version - Remote File Include Vulnerability
- Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities
- Jobline 1 1 1 Version - Remote File Include Vulnerability
- PHP MESSENGER 1.0 Version - Remote File Include Vulnerability
- ZDI-06-017: Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability
- iDefense Security Advisory 06.13.06: Microsoft Internet Explorer ART File Heap Corruption Vulnerability
- iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow
- High Risk Vulnerability in Microsoft Windows RASMAN Service
- multiple Xss exploits in 35mmslidegallery V6
- Simpnews <= All version - Remote File Include Vulnerabilities
- VBZooM <<--V1.01 "language.php" SQL injection
- [SECURITY] [DSA 1096-1] New webcalendar packages fix arbitrary code execution
- VBZooM <<--V1.11 "subject.php" SQL injection
- Re: SSL VPNs and security
- VBZooM <<--V1.02 "meaning.php" SQL injection
- Re: BUGTRAQ:20060611 ThWboard 3.0 <= SQL Injection
- DCP-Portal 6.1.x, Remote command execution
- Content-Builder (CMS) 0.7.5, Remote command execution
- Emllabs.com - XSS
- Call For Papers - No cON Name 2006 Edition Spain
- From: Jose Nicolas Castellano
- [FSA013] phpCMS 1.2.1pl2, Remote command execution
- internet explorer vulnerability based on MarjinZ & Mr.Niega discovered
- Re: Internet Explorer vulnerbility
- Re: Windows XP Task Scheduler Local Privilege Escalation (Advisory)
- Invision Power Board XSS
- Re: Ie opera dos exploit
- Blackplanet.com - XSS & cookie disclosure vuln.
- [ GLSA 200606-09 ] SpamAssassin: Execution of arbitrary code
- From: Sune Kloppenborg Jeppesen
- Yourfacesucks.com - XSS & cookie disclosure
- Re: SSL VPNs and security
- Re: Internet Explorer vulnerbility
- Onlinenode.com - XSS
- [EEYEB-20060524] Symantec Remote Management Stack Buffer Overflow
- Meefo.com - XSS with cookie include
- # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.
- Vampirefreaks.com - XSS with cookie disclosure
- Re: SSL VPNs and security
- Flork.com
- RE: Internet Explorer vulnerbility
- From: Greg Merideth (Forward Technology)
- Re: SSL VPNs and security
- myPHP Guestbook 2.0.2 XSS Vulnerabilitie
- [ MDKSA-2006:099 ] - Updated freetype2 packages fixes multiple vulnerabilities.
- rPSA-2006-0100-1 freetype
- Virtualtourist.com - XSS with cookie disclosure
- Re: igloo DoubleSpeak v 0.1 Multiple remote file inclusion
- [ GLSA 200606-14 ] GDM: Privilege escalation
- From: Sune Kloppenborg Jeppesen
- Wireclub.com - XSS & cookie disclosure
- Windows XP Task Scheduler Local Privilege Escalation (Advisory)
- Stargazer.org - XSS with Session output
- cescripts.com - XSS
- ThWboard 3.0 <= SQL Injection
- Nowtalking.com - XSS
- sorry i wrong something, this is original AWF CMS 1.11 adv
- Foing (manage_songs.php) Remote File Inclusion[phpBB]
- Opengaia.com - XSS Vuln & Session Include
- [KAPDA::48]CopperminePhotoGallery1.4.8~ addhit() function~ SQLinjection attack
- Wanderlist.com - XSS vuln with sessions disclosure
- PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities
- tempnam() Bypass unique file name PHP 5.1.4
- Myscrapbook v3.1 - XSS
- CS-Forum <= 0.81 Cross Site Scripting, SQL Injection, Full Path Disclosure
- RCblog 1.03 Directory Traversal [index.php]
- Re: iFoto v0.20-06/06/06
- WinSCP - URI Handler Command Switch Parsing
- Secunia Research: MyBB "domecode()" PHP Code Execution Vulnerability
- vbulletin.com Multiple XSS Vulnerabilities
- 5 Star Review - review-script.com - XSS w/ cookie output
- Hotbot.com - XSS vulnerability in search engine
- Lycos.com - XSS vulnerability
- [ GLSA 200606-13 ] MySQL: SQL Injection
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200606-12 ] Mozilla Firefox: Multiple vulnerabilities
- From: Sune Kloppenborg Jeppesen
- Mydeardiary.com - XSS
- [ GLSA 200606-11 ] JPEG library: Denial of Service
- From: Sune Kloppenborg Jeppesen
- igloo DoubleSpeak v 0.1 Multiple remote file inclusion
- Diaryland.com - XSS
- [ GLSA 200606-10 ] Cscope: Many buffer overflows
- From: Sune Kloppenborg Jeppesen
- [KAPDA::#47] - Snitz Forum <= 3.4.05 SQL-Injection Vulnerability
- Joomla! 1.0 Remote File Inclusion
- ERRATA: [ GLSA 200604-10 ] zgv: Heap overflow
- From: Sune Kloppenborg Jeppesen
- [MajorSecurity #12]ZMS<= 2.9 - XSS
- [MajorSecurity #14]CFXe-CMS <= 2.0 - XSS
- [MajorSecurity #13]Cabacos Web CMS<= 3.8 - XSS
- [MajorSecurity #11]OpenCMS<= 6.2.1 - XSS
- AsianXO.com - XSS with cookie data include
- Tempinbox.com
- fx-APP Version 0.0.8.1
- Ringlink v3.2 - XSS
- [SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities
- rPSA-2006-0099-1 openldap openldap-clients openldap-servers
- CORE-2006-0330: Asterisk PBX truncated video frame vulnerability
- From: Core Security Technologies advisories
- [Kil13r-SA-20060609-3] DreamWiz Search Cross-Site Scripting Vulnerability
- [Kil13r-SA-20060609-2] DaNaWa Search Cross-Site Scripting Vulnerability
- [Kil13r-SA-20060609-1] Daum Search Cross-Site Scripting Vulnerability
- [USN-296-1] firefox vulnerabilities
- TSLSA-2006-0034 - multi
- From: Trustix Security Advisor
- 0verkill 0.6, Remote integer overflow
- Re: [Full-disclosure] Windows Software Restriction Policy Protection Bypass
- ST AdManager Lite v1
- P.A.I.D v2.2
- Windows Software Restriction Policy Protection Bypass
- [USN-288-2] PostgreSQL server/client vulnerabilities
- Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass
- [USN-288-3] PostgreSQL client vulnerabilities
- Contensis CMS XSS vunerability
- CORE-2006-0327: IAXclient truncated frames vulnerabilities
- From: Core Security Technologies advisories
- PHP-Nuke Download Module Remote SQL Injection
- TinyMuw v1.0 - XSS
- Secunia Research: AutoMate unacev2.dll Buffer Overflow Vulnerability
- [ GLSA 200606-08 ] WordPress: Arbitrary command execution
- From: Sune Kloppenborg Jeppesen
- Secunia Research: SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities
- Re: SSL VPNs and security
- Re: SSL VPNs and security
- Re: DGbook v1.0 - XSS
- Docebo Lms 3.0.3, Remote command execution
- MobeSpace v2.0 - XSS
- Docebo Kms 3.0.3, Remote command execution
- Re: libgd 2.0.33 infinite loop in GIF decoding ?
- mole.com.ua Ticket Booking Script - XSS
- mole.com.ua Booking Script
- Docebo Core 3.0.3, Remote command execution
- Docebo CMS 3.0.3, Remote command execution
- [USN-293-1] gdm vulnerability
- [USN-292-1] binutils vulnerability
- Re: PHP-Nuke <= 7.9 Search XSS Vulnerability
- phazizGuestbook v2.0 - XSS
- iFoto v0.20-06/06/06
- Dell Openmanage CD Vulnerability
- okscripts.com - XSS Vulns
- [SECURITY] [DSA 1094-1] New gforge packages fix cross-site scripting
- [USN-294-1] courier vulnerability
- [ GLSA 200606-07 ] Vixie Cron: Privilege Escalation
- From: Sune Kloppenborg Jeppesen
- [USN-295-1] xine-lib vulnerability
- Re: SSL VPNs and security
- From: Amit Klein (AKsecurity)
- rPSA-2006-0098-1 gdm
- SSL VPNs and security
- [security bulletin] HPSBUX02090 SSRT051058 rev.2 - HP-UX Secure Shell Remote Denial of Service (DoS)
- [security bulletin] HPSBMA02121 SSRT061157 rev.2 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution
- Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
- [SECURITY] [DSA 1092-1] New MySQL 4.1 packages fix SQL injection
- Re: Multiple Vendor NTFS Data Stream Malware Stealth Technique
- 'Multiple Sql injection and XSS in integramod portal
- [USN-291-1] FreeType vulnerabilities
- [USN-289-1] tiff vulnerabilities
- Ie opera dos exploit
- Re: Tiny Web Gallery <= 1.4 XSS
- Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass
- bug of script injection in shoutcast servers
- Re: phpBannerExchange 2.0 Directory Traversal Vulnerability
- [SECURITY] [DSA 1091-1] New TIFF packages fix arbitrary code execution
- PHP-Nuke <= 7.9 Search XSS Vulnerability
- Back-end = 0.7.2.1 (jpcache.php) Remote command execution
- NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure
- Mathcad Area Lock Vulnerability
- Uninformed Journal Release Announcement: Volume 4
- Internet Explorer vulnerbility
- Re: aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure
- [SECURITY] [DSA 1093-1] New xine-ui packages fix denial of service
- Tikiwiki 1.9.3.2 security release
- cms-bandits 2.5, Remote command execution
- [MajorSecurity #10]i.List <= 1.5 - XSS
- GUESTEX guestbook code execution
- Ez Ringtone Manager from scriptez.net - XSS
- E-Dating System from scriptsez.net - XSS
- MiraksGalerie <= 2.62 Multiple Remote command execution
- [ GLSA 200606-06 ] AWStats: Remote execution of arbitrary code
- From: Sune Kloppenborg Jeppesen
- [NOBYTES.COM: #12] ViArt Shop v2.5.5 - XSS Vulnerability
- Easy Ad-Manager
- Chemical Directory - XSS
- Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns
- Mafia Moblog Full Path Disclosure / SQL injection
- [ MDKSA-2006:098 ] - Updated postgresql packages fixes SQL injection vulnerabilities.
- PBL Guestbook v1.31 - XSS
- [ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability.
- [ MDKSA-2006:096 ] - Updated openldap packages fixes buffer overflow vulnerability.
- Calendar Express 2 SQL injection
- [FLSA-2006:189137-2] Updated firefox package fixes security issues
- [FLSA-2006:190884] Updated squirrelmail package fixes security issues
- Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
- [FLSA-2006:190941] Updated ipsec-tools package fixes security issue
- Re: XSS in ICQ.com
- [FLSA-2006:190777] Updated X.org packages fix security issue
- MiraksGalerie <= 2.62 Multiple Remote command execution
- aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure
- [ GLSA 200606-01 ] Opera: Buffer overflow
- From: Sune Kloppenborg Jeppesen
- [ GLSA 200606-04 ] Tor: Several vulnerabilities
- From: Sune Kloppenborg Jeppesen
- Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass
- [FLSA-2006:189137-1] Updated mozilla packages fix security issues
- MyBB 1.1.2 New XSS
- [ GLSA 200606-05 ] Pound: HTTP request smuggling
- From: Sune Kloppenborg Jeppesen
- [HV-LOW] Microsoft NetMeeting memory corruption (Brief)
- Re: XSS in ICQ.com
- rPSA-2006-0096-1 spamassassin
- Vice Stats 0.5b SQL injection
- [ GLSA 200606-03 ] Dia: Format string vulnerabilities
- From: Sune Kloppenborg Jeppesen
- Re: XSS in ICQ.com
- ADVISORY - D-Link Wireless Access-Point
- Re: [Info Disclosure] Diesel PHP Job Site Latest Version
- From: Ronald van den Blink
- Re: Squirrelmail local file inclusion
- XSS on LarkinWEB & Company
- Re: WebCalendar-1.0.3 reading of any files
- Re: Re: Fire fox dos exploit
- Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
- TinyPHP forum <= 3.6 Remote Command Execution Exploit
- BloggIT <= 1.01 (admin.php) Arbitrary code execution
- bug on showwich.asp
- Re: Buffer-overflow and crash in Fenice OMS 1.10
- From: giampaolo . mancini
- RE: Fire fox dos exploit
- [ GLSA 200606-02 ] shadow: Privilege escalation
- From: Sune Kloppenborg Jeppesen
- Re: Squirrelmail local file inclusion
- Re: [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability
- libgd 2.0.33 infinite loop in GIF decoding ?
- [SECURITY] [DSA 1090-1] New spamassassin packages fix remote command execution
- IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass
- Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix
- GANTTy v1.0.3
- Re: # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit
- Re: phpBB2 (template.php) Remote File Inclusion
- [ MDKSA-2006:095 ] - Updated libtiff packages fixes tiffsplit vulnerability
- ParticleSoft Wiki v1.0.2
- Re: phpBB2 (template.php) Remote File Inclusion
- ParticleSoft Whois v1.0.3
- Partial Links v1.2.2
- Particle Gallery v1.0.0
- Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
- Multiple file include exploits in Xtreme Downloads v.1.0
- Re: phpBB2 (template.php) Remote File Inclusion
- file include in Xtreme Downloads v.1.0
- Re: Multiple Vendor NTFS Data Stream Malware Stealth Technique
- Re: PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn
- ASPScriptz Guest Book 2.0 XSS
- Re: Bookmark4U Remote File Include
- Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise
- [KAPDA::#47] - myNewsletter 1.1.2 SQL_Injection
- [Kil13r-SA-20060606] ESTsoft InternetDISK Arbitary Code Execution Vulnerability
- [Kil13r-SA-20060605] Syworks SafeNET Policy File Vulnerability
- Personal Information Disclosure/Account Hijacking Vulerability in mafia online games
- Re: New Snort Bypass - Patch - Bypass of Patch
- Dmx Forum <= v2.1a Remote Passwords Disclosure
- Re: phpBB2 (template.php) Remote File Inclusion
- From: ad@xxxxxxxxxxxxxxxx
- [MajorSecurity #9]HostAdmin <= 3.1 - Remote File Include Vulnerability
- [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability
- Re: [Full Disclosure] [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability
- Advisory 04/2006: DokuWiki PHP code execution vulnerability in spellchecker
- ewsEngine <= 1.5.0(newscomments.php) Remote SQL Injection Vulnerability
- FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit
- LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability
- TSLSA-2006-0032 - multi
- From: Trustix Security Advisor
- RE: Fire fox dos exploit
- Kmita FAQ v1.0
- LabWiki v1.0
- RE: phpBB2 (template.php) Remote File Inclusion
- Multiple Vendor NTFS Data Stream Malware Stealth Technique
- CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion
- Re: [Full-disclosure] bug in oscomerce
- # MHG Security Team ---Rumble 1.02 version Remote File Inc.
- From: MSN : erne [at] ernealizm [dot] com
- # MHG Security Team ---Rumble 1.02 version Remote File Inc.
- Bookmark4U Remote File Include
- Client buffer-overflow in Quake 3 engine (1.32c / rev 795)
- XSS in ICQ.com
- SMS "messages.php" SQL injection
- New <<BackTrack release announcement
- Timberland Search XSS Vulnerability
- Re: Fire fox dos exploit
- Re: Fire fox dos exploit
- From: Ronald van den Blink
- VMSA-2006-0001 - VMware ESX Server Cross Site Scripting issue
- From: VMware Security Team
- Re: phpFoX All Version Login Exploit
- Re: Internet explorer Vulnerbility
- Re: Fire fox dos exploit
- Re: Re: Fire fox dos exploit
- Re: Fire fox dos exploit
- Re: Fire fox dos exploit
- From: Ronald van den Blink
- RE: Fire fox dos exploit
- Re: Fire fox dos exploit
- Re: [Info Disclosure] Diesel PHP Job Site Latest Version
- Re: OaBoard 1.0 Remote File inclusion
- Re: WBB<--v2.3.4"misc.php" SQL injection Vulnerability
- LifeType <=1.0.4 'articleId' SQL injection
- DotClear <= 1.2.4 'blog_dc_path' (php5) arbitrary remote inclusion
- Re: New Snort Bypass - Patch - Bypass of Patch
- [SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution
- [MajorSecurity #7]dotWidget CMS <= 1.0.6 - Remote File Include Vulnerability
- phpBB2 (template.php) Remote File Inclusion
- LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability
- Re: # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit
- Blackhat USA 2006 - Review , remarks and proposal agenda
- From: newslist@xxxxxxxxxxxxxxxxxxxxxx
- [SECURITY] [DSA 1088-1] New centericq packages fix arbitrary code execution
- Critical SQL Injection in CoolForum
- [ECHO_ADV_32$2006] SCart 2.0 Remote Code Execution
- [SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities
- Pixelpost <= 1-5rc1-2 multiple vulnerabilities
- Re: New Snort Bypass - Patch - Bypass of Patch
- Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.
- rPSA-2006-0091-1 firefox thunderbird
- [DRUPAL-SA-2006-006] Drupal 4.6.7 / 4.7.1 fixes arbitrary file execution issue
- [DRUPAL-SA-2006-008] Drupal 4.6.8 / 4.7.2 fixes XSS issue
- [DRUPAL-SA-2006-007] Drupal 4.6.8 / 4.7.2 fixes arbitrary file execution issue
- [DRUPAL-SA-2006-005] Drupal 4.6.7 / 4.7.1 fixes SQL injection issue
- # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit
- Pro Publish SQL Injection and XSS Vulnerabilities
- new bug
- [SECURITY] [DSA 1086-1] New xmcd packages fix denial of service
- MyTrueHood.com - XSS
- aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit
- New Snort Bypass - Patch - Bypass of Patch
- Redaxo CMS <= 3.2 Remote File Include
- Re: Squirrelmail local file inclusion
- newsfactory Cross Site Scripting & SQL injection
- Re: Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions.
- Bytehoard 2.1 Remote File Include
- PHP ManualMaker v1.0
- Weblog Oggi v1.0
- VMSA-2006-0002 - VMware Server sensitive information lifetime issue
- From: VMware Security Team
- Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.
- Re: my Web Server << v-1.0 Denial of Service Exploit
- SMF 1.0.7 and lower plus 1.1rc2 and lower - IP spoofing vulnerability/IP ban evasion vulnerability
- Re: [SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities
- northstudio Cross Site Scripting Vulnerability
- Re: PHPSimple Choose v0.3
- RE: Internet explorer Vulnerbility
- Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities
- Forensic memory dumping intricacies - PhysicalMemory, DD, and caching issues
- CA Forum Remote SQL Injection
- [ MDKSA-2006:094 ] - Updated evolution packages fix DoS (crash) vulnerability on certain messages.
- Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.
- Corsaire Security Advisory - VMware ESX Server Cross Site Scripting issue
- Re: Internet explorer Vulnerbility
- [SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities
- SyScan'06 - The Hackers' Conference in Asia
- Squirrelmail local file inclusion
- Snort HTTP Inspect Pre-Processor Uricontent Bypass
- From: Christian Swartzbaugh
- TAL RateMyPic v1.0
- ishopcart cgi 0day and multiple vulnerabilities
- multiple file inclusion exploits in ovidentia v5.8.0
- FreeBSD Security Advisory FreeBSD-SA-06:15.ypserv
- From: FreeBSD Security Advisories
- FreeBSD Security Advisory FreeBSD-SA-06:16.smbfs
- From: FreeBSD Security Advisories
- multiple file inclusion exploits in ovidentia v5.8.0
- rPSA-2006-0087-1 kernel
- SUSE Security Announcement: rug (SUSE-SA:2006:029)
- Internet explorer Vulnerbility
- [security bulletin] HPSBUX02122 SSRT061158 rev.1 - HP-UX Mozilla Remote Execution of Arbitrary Code, Denial of Service (DoS)
- [SECURITY] [DSA 1084-1] New typespeed packages fix arbitrary code execution
- Re: Fire fox dos exploit
- Re: New SecurityFocus mailing list: Focus-Apple
- New SecurityFocus mailing list: Focus-Apple
- Secunia Research: ZipCentral ZIP File Handling Buffer Overflow Vulnerability
- Secunia Research: Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities
- file include exploit in Support Cards v1
- toendaCMS 0.7.0 Cross Site Scripting
- Re: Fire fox dos exploit
- From: Josh Zlatin-Amishav
- [SECURITY] [DSA 1083-1] New motor packages fix arbitrary code execution
- QontentOneCMS v1.0
- Re: [Info Disclosure] Diesel PHP Job Site Latest Version
- From: GulfTech Security Research
- # MHG Security Team --- PHP NUKE All version Remote File Inc.
- pppBlog <= 0.3.8 administrative credentials/system disclosure
- Re: Re[2]: The Weakness of Windows Impersonation Model
- Xss exploit in Chipmunk directory
- Re: V-Webmail 1.6.4 Remote File Include
- Re: [Info Disclosure] Diesel PHP Job Site Latest Version
- Open Searchable Image Catalogue: XSS and SQL Injection Vulnerabilities
- WebCalendar-1.0.3 reading of any files
- [ GLSA 200605-17 ] libTIFF: Multiple vulnerabilities
- [ MDKSA-2006:093 ] - Updated dia packages fix string format vulnerabilities.
- [ GLSA 200605-16 ] CherryPy: Directory traversal vulnerability
- Fire fox dos exploit
- Backdoor in RelevantKnowledge adware (What are we fighting for?)
- OaBoard 1.0 Remote File inclusion
- Re: On the Recent PGP and Truecrypt Posting
- WBB<--v2.3.4"misc.php" SQL injection Vulnerability
- NorthStudio Cross Site Scripting Vulnerability
- Bratpack Cross Site Scripting Vulnerability
- phpMyDesktop|arcade 1.0 FINAL Code Execution
- Re: On the Recent PGP and Truecrypt Posting
- 4nNukeWare<--V 0.91 SQL Injection exploits
- Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions.
- Re: LM hashes in a hot-desking environment
- [KAPDA::#46] - Nukedit Unauthorized Admin Add
- multiple Xss exploits in : vCard 2.9
- RE: Multiple Xss exploits in coolphp magazine
- Multiple Xss exploits in Chipmunk Board
- [SECURITY] [DSA 1082-1] New Linux kernel 2.4.17 packages fix several vulnerabilities
- WikiNi Persistent Cross Site Scripting Vulnerability
- New SMB and DCERPC features on Impacket released with doc
- Foing Remote File Include Vulnerability [PHPBB]
- Re: Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING
- RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities
- RE: Advisory: Blend Portal <= 1.2.0 for phpBB 2.x(blend_data/blend_common.php) File Inclusion Vulnerability
- UBBThreads 5.x,6.x md5 hash disclosure
- [KAPDA::#45] - geeklog multiple vulnerabilities
- Xss exploit in Photoalbum B&W v1.3
- VARIOMAT(advanced cms tool)SQL injection/XSS
- Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability
- From: Mustafa Can Bjorn IPEKCI
- Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities
- From: Mustafa Can Bjorn IPEKCI
- Advisory: F@cile Interactive Web <= 0.8x Multiple Remote Vulnerabilities.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities
- From: Mustafa Can Bjorn IPEKCI
- Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities.
- From: Mustafa Can Bjorn IPEKCI
- Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability
- From: Mustafa Can Bjorn IPEKCI
- Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities
- From: Mustafa Can Bjorn IPEKCI
- JAMES 2.2.0 <-- Denial Of Service
- multiple file include exploits in EzUpload Pro v2.10
- Re: On the Recent PGP and Truecrypt Posting
- Buffer overflow in QuickTime 7.0.4?
- [USN-288-1] PostgreSQL server/client vulnerabilities
- [USN-287-1] Nagios vulnerability
- [SECURITY] [DSA 1081-1] New libextractor packages fix arbitrary code execution
- [SECURITY] [DSA 1080-1] New dovecot packages fix directory traversal
- [SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities
- html Guest Gear
- Re: Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- RE: [security] A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING
- Re: On the Recent PGP and Truecrypt Posting
- D-Link DSA-3100 Cross-Site Scripting
- [SECURITY] [DSA 1078-1] New tiff packages fix denial of service
- Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit
- RE: LM hashes in a hot-desking environment
- sql injection in PHPcafe.net Tutorial Manager
- Multiple Xss exploits in ar-blog v 5.2
- Xss exploit in Chipmunk guestbook
- Re: LM hashes in a hot-desking environment
- From: Ansgar -59cobalt- Wiechers
- Re: LM hashes in a hot-desking environment
- Critical sql injection in saphplesson 2.0
- InternerExplorer error: ECMAScript interpreter stack overflow
- Symantec antivirus software exposes computers
- rPSA-2006-0083-1 enscript
- Wavecon Advisory: Open-Xchange <= 0.8.2 defaultuser with /bin/bash and default password
- rPSA-2006-0084-1 fetchmail
- cURL Safe Mode Bypass PHP 4.4.2 and 5.1.4
- Re[2]: [Full-disclosure] ASLR now built into Vista
- Re: my Web Server << v-1.0 Denial of Service Exploit
- Re: Sun single-CPU DOS
- LM hashes in a hot-desking environment
- [ MDKSA-2006:092 ] - Updated mpg123 packages fix DoS vulnerability.
- Re: RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- Re: Wordpress <=2.0.2 'cache' shell injection
- Morris Guestbook v1
- Smile Guestbook v1
- Pretty Guestbook v1
- MyYearBook.com - XSS
- Re: Microsoft Internet Explorer - Crash on mouse button click
- Re: Microsoft Internet Explorer - Crash on mouse button click
- Vacation Retal Script v1.0
- Super Link Exchange Script v1.0
- PHPSimple Choose v0.3
- iBoutique.MALL - Directory Traversal
- XSS Vulnerability on Vodafone
- rPSA-2006-0080-1 postgresql postgresql-server
- Re: Kaspersky antivirus 6: HTTP monitor bypassing
- Re: Microsoft Internet Explorer - Crash on mouse button click
- On the Recent PGP and Truecrypt Posting
- [OpenPKG-SA-2006.009] OpenPKG Security Advisory (binutils)
- XSS Vulnerability on www.my6d.com Connection Work System
- Re: Microsoft Internet Explorer - Crash on mouse button click
- Re: Sun single-CPU DOS
- Seditio Cross Site Scripting Vulnerability
- Re: PhpListPro 2.01 Remote File Include Vulnerability
- Re: Kaspersky antivirus 6: HTTP monitor bypassing
- Easy-Content Forums 1.0 Multiple [SQL/XSS] Vulnerabilities
- Assetman <= 2.4a XSS
- ByteHoard <= 2.1 multiple vulnerabilities
- PHP AGTC-Membership system <= v1.1a XSS
- PHPResidence <= 0.6 XSS
- Plume CMS Remote File Include
- Re: [BuHa-Security] DoS Vulnerability in MS IE 6 SP2
- From: ad@xxxxxxxxxxxxxxxx
- RE: Realty Pro One Property Listing Script
- Multiple XSS Vulnerabilities in Tikiwiki 1.9.x
- my Web Server << v-1.0 Denial of Service Exploit
- Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities
- [MajorSecurity #6]Socketmail <= 2.2.6 - Remote File Include Vulnerability
- qjForum(member.asp) SQL Injection Vulnerability
- phpjobboard Authecnical admin byPass
- Toasts Forums 1.6.44 in Xss
- Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities
- XSS in Monster Top List | MTL 1.4
- Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- Docebo LMS 2.05 Remote File Include
- XSS in Omegasoft's Insel
- Re: Sun single-CPU DOS
- Re: Sun single-CPU DOS
- Re: Kaspersky antivirus 6: POP3 state machine error
- [SECURITY] [DSA 1075-1] New awstats packages fix arbitrary command execution
- Re: [Full-disclosure] ASLR now built into Vista
- ASLR now built into Vista
- [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2
- [BuHa-Security] DoS Vulnerability in MS IE 6 SP2
- V-Webmail 1.6.4 Remote File Include
- Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv
- [SECURITY] [DSA 1077-1] New lynx-ssl packages fix denial of service
- [SECURITY] [DSA 1076-1] New lynx packages fix denial of service
- TSLSA-2006-0030 - multi
- From: Trustix Security Advisor
- RE: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- From: ennead@xxxxxxxxxxxxx
- Addendum
- From: ennead@xxxxxxxxxxxxx
- Wordpress <=2.0.2 'cache' shell injection
- PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15
- From: PostgreSQL Security
- Hackernetwork Mail Xss[Search] Vulnerability
- iFlance v1.1
- rPSA-2006-0082-1 vixie-cron
- RE: modules name(Sections)SQL Injection Exploit
- Drupal <= 4.7 attachment/mod_mime remote code execution
- Pre News Manager v1.0
- [KAPDA::#44] - NewsCMSLite Login ByPass by Cookie
- Pre Shopping Mall v1.0
- CMS Mundo V1.0
- Re: Circumventing quarantine control in Windows 2003 and ISA 2004
- GuestbookXL 1.3
- [USN-286-1] Dia vulnerabilities
- Bulletin Board Elite-Board v.1.1
- Realty Pro One Property Listing Script
- iFdate v1.2
- sql injection in phpWebSite 0.8.3
- A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
- ChatPat v1.0
- Re: IpLogger <= 1.7 XSS
- RE: Microsoft Internet Explorer - Crash on mouse button click
- AZ Photo Album Script Pro
- Re: Re: [SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12
- phpFoX All Version Login Exploit
- Kaspersky antivirus 6: POP3 state machine error
- Re: mybb v1.1.1(rss.php) SQL Injection Exploit
- [CLOSED] SOE's implementation of Lithium Forums Software allows users to log on as each other.
- Re: Default Screen Saver Vulnerability in Microsoft Windows
- VSR Advisory: PDF Tools AG - PDF Form Filling and Flattening Tool Buffer Overflow
- [ MDKSA-2006:091 ] - Updated php packages fix vulnerabilities
- [ MDKSA-2006:090 ] - Updated shadow-utils packages fix mailbox creation vulnerability
- Re: Default Screen Saver Vulnerability in Microsoft Windows
- From: Ansgar -59cobalt- Wiechers
- Re: Default Screen Saver Vulnerability in Microsoft Windows
- [ MDKSA-2006:089 ] - Updated kphone packages fixes permissions issue with .qt/kphonerc
- [ MDKSA-2006:088 ] - Updated hostapd package to address DoS vulnerability
- [ MDKSA-2006:087 ] - Updated kernel packages fixes netfilter SNMP NAT memory corruption
- Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1074-1] New mpg123 packages fix arbitrary code execution
- OpenCms version 6.0.x Xml Content Demo search engine Cross site scripting
- Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
- From: Amit Klein (AKsecurity)
- Diesel Joke Site SQL INJECTION
- Re: How secure is software X?
- NETGEAR WGR614 v6 Wireless DSL router information disclosure vulnerability
- Vodafone.de XSS Vulnerability
- Default Screen Saver Vulnerability in Microsoft Windows
- YLZH(right.php)Cross Site Scripting
- Mambo <= 4.6. RC1 xss
- Re: Circumventing quarantine control in Windows 2003 and ISA 2004
- Publicist v0.95 - XSS And Full Path Errors
- Re: Checkpoint SYN DoS Vulnerability
- AlstraSoft Web Host Directory v1.2
- Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv
- Re: Sun single-CPU DOS
- Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229)
- Server termination in netPanzer 0.8 (rev 952)
- Re: Circumventing quarantine control in Windows 2003 and ISA 2004
- Re: Microsoft Internet Explorer - Crash on mouse button click
- [security bulletin] HPSBMA02098 SSRT5911 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access, Arbitrary Command Execution, Arbitrary File Creation
- [security bulletin] HPSBMA02121 SSRT061157 rev.1 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution
- [USN-285-1] awstats vulnerability
- DGbook v1.0 - XSS
- Re: How secure is software X?
- RE: Circumventing quarantine control in Windows 2003 and ISA 2004
- Re: Sun single-CPU DOS
- [security bulletin] HPSBUX02075 SSRT051074 rev.5 - HP-UX Running xterm Local Unauthorized Access
- Alstrasoft Article Manager Pro v1.6
- AlstraSoft E-Friends - XSS
- phpMyDirectory <= 10.4.4 Multiple Remote File Include(new!)
- [security bulletin] HPSBUX02114 SSRT061115 rev.1 - HP-UX Running Software Distributor Local Elevation of Privilege
- Nucleus CMS <= 3.22 arbitrary remote inclusion
- Non eXecutable Stack Lovin on OSX86
- [OpenPKG-SA-2006.008] OpenPKG Security Advisory (openldap)
- Kaspersky antivirus 6: HTTP monitor bypassing
- SkyeShoutbox <= v.1.2.0 XSS
- Russcom Ping Remote code execution
- Russcom PHPImages lack of validation
- QBv14 XSS
- IpLogger <= 1.7 XSS
- DSChat <= 1.0 XSS
- Re: Circumventing quarantine control in Windows 2003 and ISA 2004
- Chatty improper input sanitizing
- Circumventing quarantine control in Windows 2003 and ISA 2004
- Hackernetwork.Com Mail XSS Vulnerability
- Microsoft Internet Explorer - Crash on mouse button click
- Re: 90% of programs made in PHP5 and prior Full Path Disclosure vuln.
- Re: POC exploit for freeFTPd 1.0.10
- Re: POC exploit for freeFTPd 1.0.10
- Remote Code Execution in artmedic Newsletter 4.1 [log.php]
- TSLSA-2006-0028 - multi
- From: Trustix Security Advisor
- phpRaid "view.php" XSS Vulnerability
- Re: Sun single-CPU DOS
- Beoped Portal XSS
- SOE's implementation of Lithium Forums Software allows users to log on as each other.
- Re: Checkpoint SYN DoS Vulnerability
- ACROS Security: Buffer Overflow In EMC (previously Dantz) Retroclient Service
- Re: 90% of programs made in PHP5 and prior Full Path Disclosure vuln.
- CANews Multiple Vulnerabilities
- Re: Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
- From: Amit Klein (AKsecurity)
- [SECURITY] [DSA 1072-1] New Nagios packages fix arbitrary code execution
- mybb v1.1.1(rss.php) SQL Injection Exploit
- Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user
- Re: Checkpoint SYN DoS Vulnerability
- [SECURITY] [DSA 1073-1] New MySQL 4.1 packages fix several vulnerabilities
- ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability
- [security bulletin] HPSBUX02120 SSRT051057 rev.1 - HP-UX Local Denial of Service (DoS)
- [security bulletin] HPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary Code Execution, Denial of Service (DoS)
- Re: WebsiteBaker CMS lack of sanitizing
- BitZipper Archive Extraction Directory traversal
- Prodder Remote Arbitrary Command Execution
- Perlpodder Remote Arbitrary Command Execution
- [SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities
- Re: tseekdir.cgi<--Local File Include
- From: security curmudgeon
- Re: modules name(Sections)SQL Injection Exploit
- From: security curmudgeon
- Skype - URI Handler Command Switch Parsing
- [KAPDA::#43] - phpwcms multiple vulnerabilities
- Generic Browser Crash with Java 1.4.2_11, Java 1.5.0_06
- Novell Client login form enables reading and writing from and to the clipboard of the logged-in user
- From: EitanCaspi@xxxxxxxxx
- [SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
- [ GLSA 200605-15 ] Quagga Routing Suite: Multiple vulnerabilities
- [ GLSA 200605-14 ] libextractor: Two heap-based buffer overflows
- [TZO-072006]-Xampp - Multiple Priviledge Escalation (SYSTEM) and Rogue Autostart
- XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit
- Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions
- PHP Easy Galerie Index.PHP Remote File Include Vulnerability
- Captivate 1.0 - XSS Vuln
- [SECURITY] [DSA 1070-1] New Linux kernel 2.4.19 packages fix several vulnerabilities
- Destiney Links Script v2.1.2
- Destiney Rated Images Script v0.5.0 - XSS Vulnv
- PunBB 1.2.11 Cross site scripting
- [SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
- Hiox Guestbook 3.1
- Re: Zix Forum <= 1.12 (layid) SQL Injection Vulnerability
- [SECURITY] [DSA 1068-1] New fbi packages fix denial of service
- Re: XSS in orkut.com
- From: Google Security Team
- Zix Forum <= 1.12 (layid) SQL Injection Vulnerability
- cPanel OpenBaseDir Bypass
- Re: PHPBB 2.0.20 persistent issues with avatars
- [SECURITY] [DSA 1064-1] New cscope packages fix arbitrary code execution
- Re: NSA Group Security Advisory NSAG-196-23.02.2006 Vulnerability FCKeditor 2.2
- [SECURITY] [DSA 1067-1] New Linux kernel 2.4.16 packages fix several vulnerabilities
- Xtremescripts Topsites v1.1
- Interlink "news_information.php" XSS
- RaceEventManagement <--v0.7.6 SQL injection & XSS
- ActualAnalyzer Server <=8.23 - Remote File Include Vulnerability
- [SECURITY] [DSA 1065-1] New hostapd packages fix denial of service
- Re: NSA Group Security Advisory NSAG-195-23.02.2006 Vulnerability FCKeditor 2.0 FC