Re: Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities

2010-08-09 Thread i . abhi27
This reported vulnerability is fixed in Pragyan CMS v3.0

cgTestimonial 2.2 Joomla Component Multiple Remote Vulnerabilities

2010-08-09 Thread Salvatore Fresta aka Drosophila
cgTestimonial 2.2 Joomla Component Multiple Remote Vulnerabilities Name cgTestimonial Vendor http://www.cmsgalaxy.com Versions Affected 2.2 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact

[SECURITY] [DSA 2090-1] New socat packages fix arbitrary code execution

2010-08-09 Thread Luciano Bello
Debian Security Advisory DSA-2090-1 secur...@debian.org http://www.debian.org/security/ Luciano Bello August 06, 2010

QQ Computer Manager TSKsp.sys Driver Local Denial of Service Vulnerability

2010-08-09 Thread lilf
QQ Computer Manager TSKsp.sys Driver Local Denial of Service Vulnerability By Lufeng Li of Neusoft Corporation Vulnerable: QQpcmgr=v4.0Beta1 Vendor: Tencent Inc 1) Software Description: QQ doctors more than three years after the development and operation, and finally ushered in the fourth

XSS vulnerability in allinta CMS

2010-08-09 Thread advisory
Vulnerability ID: HTB22528 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_allinta_cms.html Product: Allinta CMS Vendor: Allinta ( http://www.allinta.com/ ) Vulnerable Version: Current at 22.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010 Vulnerability Type:

XSS vulnerability in Eden Platform

2010-08-09 Thread advisory
Vulnerability ID: HTB22538 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eden_platform.html Product: Eden Platform Vendor: Preation ( http://www.preation.com/ ) Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010

SQL injection vulnerability in allinta CMS

2010-08-09 Thread advisory
Vulnerability ID: HTB22530 Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html Product: Allinta CMS Vendor: Allinta ( http://www.allinta.com/ ) Vulnerable Version: Current at 22.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010

XSS vulnerability in allinta CMS

2010-08-09 Thread advisory
Vulnerability ID: HTB22531 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_allinta_cms_2.html Product: Allinta CMS Vendor: Allinta Vulnerable Version: Current at 22.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010 Vulnerability Type: XSS (Cross Site

SQL injection vulnerability in allinta CMS

2010-08-09 Thread advisory
Vulnerability ID: HTB22532 Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html Product: Allinta CMS Vendor: Allinta ( http://www.allinta.com/ ) Vulnerable Version: Current at 22.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010

XSS vulnerability in Eden Platform

2010-08-09 Thread advisory
Vulnerability ID: HTB22539 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eden_platform_1.html Product: Eden Platform Vendor: Preation ( http://www.preation.com/ ) Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010

XSS vulnerability in allinta CMS

2010-08-09 Thread advisory
Vulnerability ID: HTB22529 Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_allinta_cms_1.html Product: Allinta CMS Vendor: Allinta ( http://www.allinta.com/ ) Vulnerable Version: Current at 22.07.2010 and Probably Prior Versions Vendor Notification: 26 July 2010 Vulnerability

ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities

2010-08-09 Thread ZDI Disclosures
ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-143 August 9, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Security Manager --

Nagios XI 2009R1.2B Multiple CSRF

2010-08-09 Thread Adam Baldwin
Advisory Information Advisory ID: NGENUITY-2010-006 Date published: Aug. 7, 2010 Class: Cross-Site Request Forgery (CSRF) Software Description Nagios XI is the commercial / enterprise version of the open source Nagios project. Vulnerability Description Nagios XI 2009R1.2B

ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability

2010-08-09 Thread ZDI Disclosures
ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-144 August 9, 2010 -- CVE ID: CVE-2010-1784 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Apple -- Affected Products: Apple WebKit --

ZDI-10-145: Novell ZENWorks Remote Management Agent Weak Authentication Remote Code Execution Vulnerability

2010-08-09 Thread ZDI Disclosures
ZDI-10-145: Novell ZENWorks Remote Management Agent Weak Authentication Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-145 August 9, 2010 -- CVSS: 9, (AV:N/AC:L/Au:S/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Zenworks --

ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability

2010-08-09 Thread ZDI Disclosures
ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-146 August 9, 2010 -- CVE ID: CVE-2010-0048 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Apple -- Affected Products: Apple