Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3100
http://owl.sourceforge.net/
http://www.datensalat.eu/~fabian/cve/CVE-2008-3100-Owl.html
Description:
Owl is a multi user document repository (knowledgebase) system for
##
# GulfTech Security ResearchJuly 28, 2008
##
# Vendor : ViArt, Ltd
# URL : http://www.viart.com/
# Version : ViArt Shop <= 3.5
# Risk : SQL Injection
#
-#
[Saved] - [27-07-2008/13:10:02]
# .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text
Editor version 4.02
# .: [Author] CSDT
# .: [Affected versions] http:/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE requests can be sent to [EMAIL PROTECTED] or to me directly. My PGP
key is below, or accessible from the MIT public key server.
Alternately, you can request them from Candidate Numbering Authorities
(CNAs) which include the security teams at Red
-Original Message-
From: Abe Getchell [mailto:[EMAIL PROTECTED]
Sent: Friday, 18 July 2008 12:39 PM
To: bugtraq@securityfocus.com
Subject: Windows Vista Power Management & Local Security Policy
> When the security option "Shutdown: Allow system to be shutdown without
having to log on" (
##
# GulfTech Security ResearchJuly 28, 2008
##
# Vendor : Talldude Networks, LLC
# URL : http://www.jamroom.net/
# Version : Jamroom <= 3.3.8
# Risk : Authentication Byp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01511225
Version: 1
HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe
Builder, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should
-- ISR - Infobyte Security Research
-- | ISR-evilgrade | www.infobyte.com.ar |
ISR-evilgrade: is a modular framework that allow us to take advantage of poor
upgrade implementations by injecting fake updates.
* How does it work?
It works with modules, each module implements the structure needed
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-033
Application:Pixelpost photoblog
Versions Affected: 1.7.1
Vendor URL: http://www.pixelpost.org/
Bug:Local File Include
Exploits:
Bboyhacks
bboyhacks[at]gmail.com
AXESS.TEL
CDMA 1xEV-DO
FIXED WIRELESS MODEN
AXW-D800
S/W Version:D2_ETH_109_01_VEBR Jun-14-2006
Default LAN IP: 192.168.0.1
http thttpd 2.25b
Security Bypass Vulnerabilities
_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1621-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:155-1
http://www.mandriva.com/security/
___
hi,
i'd like to know, how to request a cve id when a vulnerability has been
discovered.
thanks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1620-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1619-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Devin Carraway
July 27, 2008
15 matches
Mail list logo