| /// File Name: |
Mini-NUKEv2.3.txt |
Description:
|
Mini-NUKE v2.3 suffers from a SQL injection vulnerability.
| | Author: | CrAzY.CrAcKeR | | File Size: | 403 | | Last Modified: | Apr 28 14:49:05 2006 |
| MD5 Checksum: | cc6ccadcd825a90baeb80eca1691efb4 |
|
| /// File Name: |
SUSE-SA-2006-021.txt |
Description:
|
SUSE Security Announcement SUSE-SA:2006:021: various security problems in Mozilla based browsers.
| | Homepage: | http://www.suse.com | | File Size: | 33510 | | Last Modified: | Apr 28 14:48:29 2006 |
| MD5 Checksum: | 0ce91f5efc612402ba64bda5579152bd |
|
| /// File Name: |
Websense.txt |
Description:
|
It is possible to bypass Websense filtering for any website in the "Uncategorized" Websense category simply by adding a question mark at the end of the URL.
| | Author: | qex | | File Size: | 492 | | Last Modified: | Apr 28 14:47:30 2006 |
| MD5 Checksum: | ff435902262fb7efa95ee4012e46e65c |
|
| /// File Name: |
ActualAnalyzer.txt |
Description:
|
ActualAnalyzer suffers from a remote file inclusion vulnerability if register_globals = On.
| | Homepage: | http://www.majorsecurity.de | | File Size: | 1415 | | Last Modified: | Apr 28 14:46:12 2006 |
| MD5 Checksum: | 9bcc17c87c11678acda81e4225e8584c |
|
| /// File Name: |
Firefox1.5.0.2.txt |
Description:
|
Remote file open flaw in Firefox 1.5.0.2: A malicious web site can open local content in the browser by tricking a user into right-clicking and choosing "View Image" on a broken image that references a local resource (e.g. via the file: URI handler).
| | Author: | miky | | Related Exploit: | show_bug.cgi?id=334341 | | File Size: | 1438 | | Last Modified: | Apr 28 14:34:46 2006 |
| MD5 Checksum: | f5bdb613e8470c352ab66a6ff1a75e1d |
|
| /// File Name: |
mambo-joomla.txt |
Description:
|
Mambo / Joomla do not properly validate user-supplied input in rss.php. A remote user can supply a specially crafted URL to cause the system to display an error message that discloses the installation path, or force the script to create large numbers of superfluous XML files, which in some cases results in a remote DoS against the target.
| | Homepage: | http://www.kapda.ir/ | | File Size: | 3136 | | Last Modified: | Apr 28 14:31:29 2006 |
| MD5 Checksum: | aa680d223f20e8dfbce6bcbdbeb20365 |
|
| /// File Name: |
4images-1.7.txt |
Description:
|
4images versions less than or equal to 1.7 suffer from XSS.
| | Author: | qex | | File Size: | 250 | | Last Modified: | Apr 28 14:20:22 2006 |
| MD5 Checksum: | a4e1fe5401feefc141874387c26f1358 |
|
| /// File Name: |
oracle-10gR1.txt |
Description:
|
Oracle Database 10gR1 suffers from a buffer overflow in the VERIFY_LOG procedure (DB03). Oracle Database Server provides the DBMS_SNAPSHOT_UTL package, which includes the capability to manage materialized views. This package contains the public procedure VERIFY_LOG, which is vulnerable to a buffer overflow. By default, EXECUTE permission on DBMS_SNAPSHOT_UTL is granted to PUBLIC, so any Oracle database user can exploit this vulnerability.
| | Author: | Argeniss - Information Security | | Homepage: | http://www.argeniss.com | | File Size: | 2020 | | Last Modified: | Apr 28 14:12:22 2006 |
| MD5 Checksum: | b49a0be025c700042e26b51c1143b0f4 |
|
| /// File Name: |
AT-9724TS.txt |
Description:
|
It is possible to crash an Allied Telesyn AT-9724TS switch by sending it a large stream of UDP data.
| | Author: | kim | | File Size: | 412 | | Last Modified: | Apr 28 14:09:45 2006 |
| MD5 Checksum: | 87332998944a6df10049445ae18f0c65 |
|
| /// File Name: |
WWWThread.txt |
Description:
|
WWWThread RC 3 suffers from multiple SQL injection vulnerabilities.
| | Author: | o.y.6 | | Homepage: | http://www.securitygurus.net | | File Size: | 2533 | | Last Modified: | Apr 28 14:08:30 2006 |
| MD5 Checksum: | 223b4f359d26f15273350ce5f491c0c4 |
|
| /// File Name: |
ASPSitem-1.83.txt |
Description:
|
ASPSitem 1.83 and prior suffer from SQL injection in the id parameter of Haberler.asp.
| | Author: | nukedx | | Homepage: | http://www.nukedx.com | | File Size: | 1329 | | Last Modified: | Apr 28 14:07:21 2006 |
| MD5 Checksum: | 1c7de361373fbfcb35c488ec1fe83be9 |
|
| /// File Name: |
EasyGallery.txt |
Description:
|
EasyGallery CMS is vulnerable to XSS in EasyGallery.php.
| | Author: | botan | | File Size: | 412 | | Last Modified: | Apr 28 14:06:24 2006 |
| MD5 Checksum: | f5f9b554f732b949f9c99fa07ff41fb9 |
|
| /// File Name: |
ContentBoxx.txt |
Description:
|
ContentBoxX CMS is vulnerable to XSS in login.php.
| | Author: | botan | | File Size: | 448 | | Last Modified: | Apr 28 14:05:23 2006 |
| MD5 Checksum: | cf93b7a79db3ebab778eb9ff8ad25127 |
|
| /// File Name: |
dForum-1.5.txt |
Description:
|
dForum versions less than or equal to 1.5 suffer from multiple remote file inclusion vulnerabilities.
| | Author: | nukedx | | Homepage: | http://www.nukedx.com | | File Size: | 1632 | | Last Modified: | Apr 28 13:38:03 2006 |
| MD5 Checksum: | 4ee3f8054a9d04daf01374e429dbcffc |
|
| /// File Name: |
r57shell.php.txt |
Description:
|
r57shell.php suffers from XSS.
| | Author: | qex | | File Size: | 101 | | Last Modified: | Apr 28 13:35:17 2006 |
| MD5 Checksum: | e17339c3eb127eb55b3deb227867a072 |
|
| /// File Name: |
Simplog-0.93.txt |
Description:
|
Simplog 0.93 and earlier suffer from SQL injection in preview.php, archive.php, and comments.php as well as XSS. POC included.
| | Author: | nukedx | | Homepage: | http://www.nukedx.com | | File Size: | 2698 | | Last Modified: | Apr 28 13:34:20 2006 |
| MD5 Checksum: | a70ef8d8e4fa79e0ef4d3ab7c63b3862 |
|
| /// File Name: |
vb-MKPortal.txt |
Description:
|
The MKPortal vBulletin plugin versions 1.1 RC1 and prior suffer from SQL injection in index.php.
| | Author: | nukedx | | Homepage: | http://www.nukedx.com | | File Size: | 1467 | | Last Modified: | Apr 28 13:32:40 2006 |
| MD5 Checksum: | 3114d92a26bfcf27bafd49fc1d8f0942 |
|
| /// File Name: |
GamingLadder.txt |
Description:
|
My Gaming Ladder Combo System versions less than or equal to 7.0 suffer from a remote file inclusion vulnerability.
| | Homepage: | http://www.nukedx.com | | File Size: | 1143 | | Last Modified: | Apr 28 13:29:57 2006 |
| MD5 Checksum: | 861222dd181bada7508e56a9e8641dd0 |
|
| /// File Name: |
mshtml.dll.txt |
Description:
|
There appears to be a vulnerability in how Microsoft Internet Explorer handles (or fails to handle) certain combinations of nested OBJECT tags. This may lead to execution of code.
| | Author: | Michal Zalewski | | File Size: | 2769 | | Last Modified: | Apr 28 13:29:04 2006 |
| MD5 Checksum: | 4adb50bcba8cfc64ca6f57f787ca5953 |
|
| /// File Name: |
RIblog.txt |
Description:
|
RIblog suffers from SQL injection. POC included.
| | Homepage: | http://colander.altervista.org/ | | File Size: | 1899 | | Last Modified: | Apr 28 13:24:50 2006 |
| MD5 Checksum: | b448b18b9baef8876dd1d845809fe778 |
|
| /// File Name: |
ffdos.txt |
Description:
|
Firefox 1.5.0.2 suffers from a buffer overflow which may lead to execution of arbitrary code. POC included that crashes Firefox 1.5.0.2.
| | Author: | splices | | Homepage: | http://www.securident.com/ | | File Size: | 1699 | | Last Modified: | Apr 28 13:22:24 2006 |
| MD5 Checksum: | 6b50fcdc6032df723b2fc82a323da82f |
|
| /// File Name: |
ScryGallery.txt |
Description:
|
Scry Gallery v1.1 suffers from XSS.
| | Author: | arko.dhar | | File Size: | 555 | | Last Modified: | Apr 28 13:18:55 2006 |
| MD5 Checksum: | 45cd6dd272efb0805ac2a7c4cf06299c |
|
| /// File Name: |
Clansys-1.1.txt |
Description:
|
Clansys versions less than or equal to 1.1 suffer from a PHP code insertion vulnerability.
| | Homepage: | http://www.nukedx.com/ | | File Size: | 1200 | | Last Modified: | Apr 28 13:18:07 2006 |
| MD5 Checksum: | 4c30c3dd3e496b6ff1aa20b8499705ff |
|
| /// File Name: |
CoreNews-2.0.1.txt |
Description:
|
CoreNews versions less than or equal to 2.0.1 suffer from multiple remote vulnerabilities.
| | Homepage: | http://www.nukedx.com | | File Size: | 2092 | | Last Modified: | Apr 28 12:06:46 2006 |
| MD5 Checksum: | 06970d0150caf3052c3ba25f33335514 |
|