Section: .. / 0608-advisories /
| /// File Name: |
xoopsSQL.txt |
Description:
|
Xoops version 2.0.14 suffers from a SQL injection flaw.
| | Author: | Omid | | Homepage: | http://www.hackers.ir | | File Size: | 932 | | Last Modified: | Aug 28 01:14:00 2006 |
| MD5 Checksum: | 63f0b661c10e70db8989d68ac68f5f8e |
|
| /// File Name: |
rubyonrails.txt |
Description:
|
Scott Barron and Tobias Luetke, of the Ruby on Rails Core Team, discovered a fault with the dependency resolution mechanism which can, when exploited by a remote attacker, leave a system vulnerable to denial of service attacks, or even data loss. Affected are versions 1.1.0 through 1.1.5.
| | File Size: | 886 | | Last Modified: | Aug 26 21:50:19 2006 |
| MD5 Checksum: | ddc3b411312b8ae0569f4994f458e025 |
|
| /// File Name: |
coolmessenger.txt |
Description:
|
A vulnerability has been found in Cool Messenger Office/School Server. When exploited, the vulnerability allows anyone to log on to the messenger server as any user without requiring knowledge of any passwords.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 885 | | Last Modified: | Aug 27 19:53:02 2006 |
| MD5 Checksum: | 961d09ddd420d199f8f40fb35acbe6fa |
|
| /// File Name: |
PI-2006-001.txt |
Description:
|
PinoyInfosec Advisory - Web500 does not have proper input validation in the fronteditor script which allows an attacker to execute arbitrary SQL commands. This allows an attacker to manipulate data on the CMS by passing specially crafted SQL statements through the Dbcountry variable. Version 2.80 is affected.
| | Author: | Daniel Tumalad | | Homepage: | http://www.pinoyinfosec.org/ | | File Size: | 848 | | Last Modified: | Aug 28 01:25:45 2006 |
| MD5 Checksum: | 77bcb5e5ff9f30497c2bdb0de283a0e5 |
|
| /// File Name: |
cybozuSQL.txt |
Description:
|
Some SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged-on user, the vulnerabilities allow for manipulation of SQL statements, which can lead to disclosure of information from the database or cause the backend MySQL database to consume a large amount of CPU resources.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 820 | | Last Modified: | Aug 28 23:07:33 2006 |
| MD5 Checksum: | 347231623e54e0353d915054775d085c |
|
| /// File Name: |
cmsimple.txt |
Description:
|
CMSimple suffers from a cross site scripting flaw.
| | Author: | OUTLAW | | Homepage: | http://www.aria-security.net | | File Size: | 812 | | Last Modified: | Aug 17 04:25:38 2006 |
| MD5 Checksum: | f68339555b91b443ef5cc3f958fa7516 |
|
| /// File Name: |
cybozuFile.txt |
Description:
|
A vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 784 | | Last Modified: | Aug 28 23:06:16 2006 |
| MD5 Checksum: | e7e15384cfafa97eadf981ea2f98b541 |
|
| /// File Name: |
ftd373.txt |
Description:
|
FTD versions 3.7.3 and below suffer from a cross site scripting flaw.
| | Author: | O.G. | | File Size: | 739 | | Last Modified: | Aug 18 00:17:36 2006 |
| MD5 Checksum: | a0cfd84550afec8f00b153d968e36ac8 |
|
| /// File Name: |
simplog093.txt |
Description:
|
Simplog versions less than or equal to 0.9.3 suffer from a cross site scripting flaw.
| | Homepage: | http://www.darkend.org/ | | File Size: | 719 | | Last Modified: | Aug 18 01:02:13 2006 |
| MD5 Checksum: | e9d4b89609cb22886508b0d202d842a1 |
|
| /// File Name: |
powerzip.txt |
Description:
|
A vulnerability has been found in PowerZip version 7.06 build 3895. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ZIP archive.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 678 | | Last Modified: | Aug 27 19:52:14 2006 |
| MD5 Checksum: | df193db989e4e4b88a47b041f66d908a |
|
| /// File Name: |
blur6ex03.txt |
Description:
|
blur6ex version 0.3 suffers from an HTML injection flaw.
| | Homepage: | http://www.darkend.org | | File Size: | 673 | | Last Modified: | Aug 18 00:48:10 2006 |
| MD5 Checksum: | e3117af1dd6a66903c6c92f9a52daf2e |
|
| /// File Name: |
arch.txt |
Description:
|
Archangel Weblog versions 0.90.02 and below suffer from HTML injection flaws.
| | Homepage: | http://www.darkend.org/ | | File Size: | 647 | | Last Modified: | Aug 18 02:00:39 2006 |
| MD5 Checksum: | 99b34f70fdb588a210de89755410c25c |
|
| /// File Name: |
bloghoster.txt |
Description:
|
BlogHoster version 2.2 suffers from an HTML injection flaw.
| | Homepage: | http://www.darkend.org/ | | File Size: | 585 | | Last Modified: | Aug 18 02:32:31 2006 |
| MD5 Checksum: | 8f71c06ff3dd166c415b5e6023e2106e |
|
| /// File Name: |
dotclear_1.2.5.txt |
Description:
|
DotClear version 1.2.5 is susceptible to cross site scripting attacks.
| | Author: | Stoun | | File Size: | 516 | | Last Modified: | Aug 27 17:22:00 2006 |
| MD5 Checksum: | 2d70ab168e19fe718e41604483950f39 |
|
| /// File Name: |
lhaplus.txt |
Description:
|
LHAPlus version 1.52 suffers from a buffer overflow vulnerability.
| | Author: | Tan Chew Keong | | Homepage: | http://vuln.sg/ | | File Size: | 445 | | Last Modified: | Aug 17 01:59:47 2006 |
| MD5 Checksum: | 64e6d0425838752317b7403f8fbe99a4 |
|