-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-168201 [EMAIL PROTECTED]
http://www.debian.org/security/ Thijs Kinkhorst
December 07, 2008
Affects PrestaShop 1.1.0.3
product: homepage: http://prestashop.com
This is XSS in the URI of PrestaShop. Trust no one, not even your
$_SERVER[PHP_SELF] .
http://10.1.1.155/prestashop_1.1.0.3/admin/login.php/%22%3Cscript%3Ealert(1)%3C/script%3E
Add an item to the shopping cart and then visit
Vulnerable Version:PHPepperShop v 1.4
Homepage:http://www.phpeppershop.com
This is 4 reflective XSS flaws in the URI. Trust no one not even your
$_SERVER[PHP_SELF]
http://10.1.1.10/shop/kontakt.php/'scriptalert(1)/script
http://10.1.1.10/index.php/%22%3Cscript%3Ealert(1)%3C/script%3E
--
vulnerability discovered by DATA_SNIPER.
bug discovered on 25/11/2008.
infected version:All Version
greetz go to:www.at4re.com(Arab Team 4 Reverse Engineering),arab4services.net
Critical: Highly critical
Impact:Command
Maksymilian, good day.
Sat, Dec 06, 2008 at 12:40:48PM -0700, [EMAIL PROTECTED] wrote:
[ SecurityReason.com : PHP 5.2.6 SAPI php_getuid() overload ]
[...]
Using PHP 5.2.6, as an Apache module can bypass many security points.
Am I right that this vulnerability exists only in the Apache 1.x
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-040
Application:XOOPS
Versions Affected: 2.3.1
Vendor URL: http://www.xoops.org/
Bug:Multiple Local File Include
Exploits:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01612418
Version: 1
HPSBMA02391 SSRT071481 rev.1 - HP OpenView Reporter and HP Reporter Running on
Windows, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin
ZDI-08-082: BMC PatrolAgent Version Logging Format String Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-082
December 8, 2008
-- Affected Vendors:
BMC Software
-- Affected Products:
BMC Software Patrol
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers
# Neostrada Livebox Router Remote Network Down PoC Exploit
# Author: 0in aka zer0in from Dark-Coders Group!
# Contact: 0in.email(at)gmail.com / 0in(at)dark-coders.pl
# Site: http://dark-coders.pl
# Greetings to: All Dark-Coders Members: die,doctor,m4r1usz,sun8hclf ;*
# Friends:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aruba Networks Security Advisory
Title: DoS Vulnerability in Aruba Mobility Controller Caused by
Malformed EAP Frame.
Aruba Advisory ID: AID-12808
Revision: 1.0
For Public Release on 12/8/2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1683-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Florian Weimer
December 08, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01621724
Version: 1
HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance
Agent, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should
Author: Michael Brooks ()
I usually don't like posting my leet exploits to bugtraq because it is so
unprofessional. You guys usually malform my exploits so they are totally
useless, even to someone trying to write a patch! You also tend to get the
wrong name! Michael Brooks wrote this!
On Sat, Nov 15, 2008 at 11:36:26AM -0500, Micheal Cottingham wrote:
I found and reported this back in 2005/2006. Microsoft told me that it
had been reported previously and that it would be fixed in the next
release, which I'm guessing they meant 2007. I do not know if they
have fixed it in
14 matches