Ikarus CAB/RAR/ZIP Evasions
The Ikarus parsing engine versions below 1.1.58 suffer from CAB, RAR, and ZIP related bypass vulnerabilities.
View ArticleNorman Generic Evasion
Norman with decompression engine versions below 5.99.07 suffer from a RAR related bypass vulnerability.
View ArticleF-prot TAR Bypass / Evasion
The F-prot parsing engine can be bypassed by a specially crafted and formatted TAR archive.
View ArticleApple Safari / QuickTime Denial Of Service
Apple Safari and QuickTime programs suffer from a denial of service vulnerability.
View ArticleApple Safari Remote Code Execution
Calling a CSS attr attribute with a large number leads to memory corruption in Apple Safari.
View ArticleDebian Linux Security Advisory 1814-1
Debian Security Advisory 1814-1 - Two vulnerabilities have been found in libsndfile, a library to read and write sampled audio data.
View ArticleEvernew Free Joke Script 1.2 Password Changer
Evernew Free Joke Script version 1.2 remote change password exploit.
View ArticleImpleo Music Collection 2.0 XSS / SQL Injection
Impleo Music Collection version 2.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
View ArticleDB Top Sites 1.0 Code Execution
DB Top Sites version 1.0 remote command execution exploit.
View ArticleDB Top Sites 1.0 Local File Inclusion
DB Top Sites version 1.0 suffers from a local file inclusion vulnerability in index.php.
View ArticleElvin BTS 1.2.0 XSS / LFI / SQL Injection
Elvin BTS version 1.2.0 suffers from remote SQL injection, cross site scripting, cross site request forgery, and local file inclusion vulnerabilities.
View ArticleAdaptWeb 0.9.2 LFI / SQL Injection
AdaptWeb version 0.9.2 suffers from local file inclusion and remote SQL injection vulnerabilities.
View ArticleEntropy Broker RNG
Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute...
View ArticleSugarCRM 5.2.0e Code Execution
SugarCRM versions 5.2.0e and below suffer from a remote code execution vulnerability.
View ArticleDebian Linux Security Advisory 1815-1
Debian Security Advisory 1815-1 - It was discovered that the Rasterbar Bittorrent library performed insufficient validation of path names specified in torrent files, which could lead to denial of...
View ArticleWordPress Photoracer SQL Injection
The WordPress Photoracer plugin version 1.0 suffers from a remote SQL injection vulnerability.
View ArticleTorrentTrader Classic 1.09 SQL Injection
TorrentTrader Classic version 1.09 suffers from information leakage, forced database backup, and multiple remote SQL injection vulnerabilities.
View ArticleUbuntu Security Notice 788-1
Ubuntu Security Notice USN-788-1 - Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security...
View ArticlevBulletin Radio And TV Player Cross Site Scripting
The vBulletin Radio and TV Player add-on suffers from cross site scripting, iframe injection, and redirect vulnerabilities.
View ArticleApple QuickTime CRGN Atom Overflow
Apple QuickTime CRGN Atom stack overflow exploit that creates a malicious .mov file.
View ArticleZoki Catalog SQL Injection
The Zoki Catalog is susceptible to a remote SQL injection vulnerability in the search form.
View ArticleJoomla iJoomla RSS Blind SQL Injection
Blind remote SQL injection exploit for the Joomla iJoomla RSS component.
View ArticlephpCollegeExchange 0.1.5c SQL Injection
phpCollegeExchange version 0.1.5c suffers from a remote SQL injection vulnerability in listing_view.php.
View ArticleNetgear DG632 Authentication Bypass
The Netgear DG632 router suffers from a remote authentication bypass vulnerability.
View ArticleNetgear DG632 Denial Of Service
The Netgear DG632 router suffers from a remote denial of service vulnerability.
View Article
