SQLSUS MySQL Injection Tool 0.4.1
sqlsus is a MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure / contents, inject a SQL query,...
View ArticleHP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this...
View ArticleHP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this...
View ArticleHP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this...
View ArticleHP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this...
View ArticleHP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this...
View ArticleAdobe Flash Player Memory Corruption
Fortinet's FortiGuard Labs has discovered memory corruption vulnerabilities in the Adobe Flash Player.
View ArticlePHPIDS 0.6.2 Unserialize() Execution
PHPIDS versions 0.6.2 and below unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized can utilize existing classes which e.g. can lead to upload...
View ArticlePiwik Cookie Unserialize() Execution
It was discovered that Piwik versions 0.4.5 and below unserialize data from the user supplied cookie. By unserializing some of Piwik's objects it is possible to write arbitrary files to writable...
View ArticleMandriva Linux Security Advisory 2009-329
Mandriva Linux Security Advisory 2009-329 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
View ArticleGeN3 1.4 SQL Injection
It appears that the recently discovered vulnerability in GeN3 version 1.3 also works against GeN3 version 1.4.
View ArticleUbuntu Security Notice 869-1
Ubuntu Security Notice 869-1 - David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would...
View ArticleiDEFENSE Security Advisory 2009-12-08.1
iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the...
View ArticleiDEFENSE Security Advisory 2009-12-08.2
iDefense Security Advisory 12.08.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the...
View ArticleiDEFENSE Security Advisory 2009-12-08.3
iDefense Security Advisory 12.08.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Indeo32 Codec could allow an attacker to execute arbitrary code in the context of the...
View ArticleCore Security Technologies Advisory 2009.1013
Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.
View ArticleHP Security Bulletin HPSBUX02480 SSRT090253
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running VRTSweb version 5.0. The vulnerability could be exploited remotely to execute arbitrary code or increase...
View ArticleoBlog Cross Site Scripting / Request Forgery
oBlog suffers from cross site scripting, cross site request forgery, and a lack of brute forcing protection.
View ArticleHP Security Bulletin HPSBMA02483 SSRT090257
HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.
View ArticleOPMANAGER SQL Injection
OPMANAGER suffers from a remote blind SQL injection vulnerability.
View Article
