[USN-468-1] Firefox vulnerabilities

=== Ubuntu Security Notice USN-468-1 June 01, 2007 firefox vulnerabilities CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871 === A se

Evenzia CMS XSS

Application: Evenzia CMS Vendors Url: http://www.evenzia.com Bug Type: Cross-Site Script Exploitation: Remote Introduction: Evenzia CMS is a web-based CMS system Google Dork: "Powered By eVenzia CMS" || "Developed By eVenzia" PoC: http://www.test.com/includes/send.inc.php/>'>>alert(d

Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability

Hello, We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0. Description: Outpost insufficiently protects its own mutex outpost_ipc_hdr. Arbitrary process is able to open and capture this mutex. In such case, Outpost is not able to use this mutex for its synchronizati

RevokeBB Blind SQL Injection / Hash Extractor

#!/usr/bin/php -q -d short_open_tag=on http://www.revokesoft.net by BlackHawk <[EMAIL PROTECTED]> Thanks to rgod for the php code and Marty for the Love - "; if ($argc<5) { echo " Usage: php ".$argv[0

[MajorSecurity Advisory #49]Calimero.CMS - Session fixation Issue

[MajorSecurity Advisory #49]Calimero.CMS - Session fixation Issue Details === Product: Calimero.CMS Affected version: 3.3.1232 and prior Remote-Exploit: yes Vendor-URL: http://www.calimero-cms.de Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Viei

bugtraq submission

There are numerous XSS vulnerabilities in PHPLive v3.2.2 (Maybe others) /phplive/chat.php?sid=alert(123); /phplive/help.php?LANG[DEFAULT_BRANDING]=alert(123); /phplive/help.php?PHPLIVE_VERSION=alert(123); /phplive/admin/header.php?admin[name]=alert(123); /phplive/super/info.php?BASE_URL=alert(123)

[MajorSecurity Advisory #50]chameleon cms - Session fixation Issue

[MajorSecurity Advisory #50]chameleon cms - Session fixation Issue Details === Product: chameleon cms Affected version: 3.0 and prior Remote-Exploit: yes Vendor-URL: http://www.chameleon-cms.com Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieir

n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory

n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2007.013 01-Jun-2007 Vendor:F

Full Path Disclosure in SendCard

Hello Vulnerable : SendCard Version : 3.3.0 Web : http://www.sendcard.org Exploit : http://example.com/sendcard/sendcard.php?sc_language=['Anything'] Discovered By Linux_Drox www.LeZr.Com Best Regards ,,,

Prototype of an PHP application ===> RFI

Prototype of an PHP application ===> RFI *** url: http://sourceforge.net/project/showfiles.php?group_id=196435&package_id=232559&release_id=509638 * author: titanichacker (egy-virus)

static XSS / SQL-Injection in Omegasoft Insel

Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i

Z-Blog 1.7 Authentication Bypass Database Download Vulnerability

* Author : Hasadya Raed * Contact : [EMAIL PROTECTED] ~>Israel Hacker * Greetz : Fairoz :) * Advisory : Z-Blog 1.7 Authentication Bypass/Database Download Vulnerability * Script : Z-Blog 1.7 * Impact : Remote * Googledork : "Powered by Z-Blog 1.7" , "Powered By Z-Blog 1.7

PBSite - PHP Bulletin Site | CMS ====> RFI

%% script:PBSite - PHP Bulletin Site | CMS > RFI url:http://sourceforge.net/project/showfiles.php?group_id=88114 authot:titanichacker ([EMAIL PROTECTED]) contact: hack-teach.com & mohandko.com & tryag.com %%

SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow

SEC Consult Security Advisory < 20070601-0 > === title: PHP chunk_split() integer overflow program: PHP vulnerable version: < 5.2.3 impact:

[OpenPKG-SA-2007.020] OpenPKG Security Advisory (php)

ion: Corrected Branch: Corrected Package: OpenPKG Enterprise E1.0-SOLIDapache-1.3.37-E1.0.6 OpenPKG Enterprise E1.0-SOLIDphp-5.1.6-E1.0.4 OpenPKG CommunityCURRENT apache-1.3.37-20070601 OpenPKG CommunityCURRENT apache2-php-5.2.3-20070

phpreactor <===1.2.7 remote file include

*** *phpreactor <===1.2.7 remote file include * *url:http://sourceforge.net/projects/phpreactor/ * *author:titanichacker (egy-virus) * *contact: hack-teach.com & mohandko.com & tryag.com * *bug in : * */inc/view.inc.php & inc/users.inc.php & inc/update