sqlmap is an automatic blind SQL injection tool, developed in Python, capable of performing an active database management system fingerprint, enumerating entire remote databases, and much more. The aim of this project is to implement a fully functional database management system tool which takes advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
79a390525330bfc0ba75ff322b46363ad822b19c9fe144aaa840869108e5a04a
Demonstration code showing that Kaspersky Internet Security 6 hooks many functions in the SSDT and, in at least nine cases, fails to validate arguments that come from user mode.
6d0d1ca3bc484c7a00854c53eec72c38dd889b5ea5dde97f8401308d0f41498b
Kaspersky Internet Security 6 hooks many functions in the SSDT and, in at least nine cases, fails to validate arguments that come from user mode.
88baa51895098a119b253129abb370e0e3855658a1194e120b3e2226fededcb1
PHP::HTML version 0.6.4 suffers from a remote file inclusion vulnerability in phphtml.php.
bc5775c33dc42ad7966b0eac2926ab62d2be3de0be562f4f6544aa6739c9fa62
Sitellite CMS versions 4.2.12 and below suffer from a remote file inclusion vulnerability in 559668.php.
4ed906fecdcc37bc301b71c285a269be7270b242f3c771741ffd39d6a68690d9
124 byte win32 download and execute shellcode.
aab5d5a52b27af1060146907b74ed8f440ebb56779c5e3714747edb53d0f0c71
Whitepaper discussing secure file upload in PHP web applications.
c2f310516a6d4d5db4170ff162f315419894a825ccc044c82abbc2e20b2cdee4
The XOOPS module PopnupBlog suffers from a remote file inclusion vulnerability.
0c8cf5e73633bb3313c3bda90a4aae5f5bbbf02bb6f2313543a48b54d8bd8712
XOOPS module Cjay Content 3 suffers from a remote file inclusion vulnerability.
be91a68f2bca327c5710bbb46b15837b44afbb7c2ae04b0cb24633e5edb1ab23
XOOPS module XT-Conteudo suffers from a remote file inclusion vulnerability.
ca3e69c1caa3fa4f7548c808fbc152507df4fc799a8c3016ad96878d5e8b276a
Guardian Information Systems suffer from a direct database download vulnerability.
648ad3011ba8b8861ae69163a15b70ad4c3e6c4beb317a14816148af3d9d863f
SH-News version 3.1 suffers from a remote file inclusion vulnerability.
18ce6bb58baff871d11864a166cea3612927a8431a3d8ce2f22a6986ce3b337f
Mandriva Linux Security Advisory - SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd.
51a5fdeaf6c02118794caa0acc1dd810f18dbb0fb0675dc53164d334f034c39a
Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.
d53eb6928d0f75544d96921f1a3054e4b17885be06a5ee60f367852f79e0e232
TeamIntell has reported a vulnerability in the Letterman Subscriber Module (mod_letterman) for Joomla! CMS which can be exploited by malicious people to conduct script insertion attacks. Version 1.2.4-RC1 is reported vulnerable. Other versions may be susceptible as well.
cafb25669a06fbe805a64225e3da0e3d5d5b123773f8fba826c5c04d5f674547
iDefense Security Advisory 06.14.07 - Remote exploitation of an input validation vulnerability in Apache Software Foundation's MyFaces Tomahawk JSF framework could allow an attacker to perform a cross-site scripting (XSS) attack. The code responsible for parsing HTTP requests is vulnerable to an XSS vulnerability. When parsing the 'autoscroll' parameter from a POST or GET request, the value of this variable is directly inserted into JavaScript that is sent back to the client. This allows an attacker to run arbitrary JavaScript in the context of the affected domain of the MyFaces application being targeted. iDefense has confirmed the existence of this vulnerability in MyFaces Tomahawk version 1.1.5. Previous versions may also be affected.
244283775e3ba1442966782ad515ee3b4e94173b27931fb11f8a1cb4f498d173
Debian Security Advisory 1308-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
d0351618063473adc3c0fb3a3bec7f4695f33cf5c58e5d2ea61ac013924a3fee
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in the Host Manager Application.
0cf8c43036f2c7837ce86bba5bc54b9dea03e8669966df6441046992fbb203b0
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in their JSP examples.
a6c3ae6ce4360fc4d056e2d6c0d8f910d71d7afb1587a7db9a0a2d4f30cc120a