Publication: SecurityAlert Database - Vulnerability Database

First reported 22 hours ago - Updated 9 hours ago - 1 reports

Sixnet Sixview 2.4.1 Directory Traversal

Topic: Sixnet Sixview 2.4.1 Directory Traversal Risk: Medium Text:#Exploit Title: Sixnet sixview web console directory traversal #Date: 2014-04-21 #Exploit Author: daniel svartman #Vendor Ho... ... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
First reported 22 hours ago - Updated 22 hours ago - 1 reports

Parallels Plesk Panel 12.x Key Disclosure

Topic: Parallels Plesk Panel 12.x Key Disclosure Risk: High Text:While auditing the source code for Parallels Plesk Panel 12.x on Linux I noticed the following feature that leads to leakage o... ... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Entities: Source Code, Linux
First reported 22 hours ago - Updated 22 hours ago - 1 reports

No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution

Topic: No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution Risk: High Text:<?php /* * * Static encryption_key of No-CMS lead to Session Array Injection in order to * hijack administrator account the... ... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
First reported 22 hours ago - Updated 22 hours ago - 1 reports

Symantec Messaging Gateway 10.5.1 Cross Site Scripting

Topic: Symantec Messaging Gateway 10.5.1 Cross Site Scripting Risk: Low Text:I. VULNERABILITY-Reflected XSS Attacks vulnerability in Symantec Messaging Gateway Version 10.5.1II. ... ... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
First reported Apr 22 2014 - Updated 22 hours ago - 2 reports

iDevAffiliate 5.x SQL Injection

Topic: iDevAffiliate 5.x SQL Injection Risk: Medium Text:# Exploit Title: iDevAffiliate <= v5.x SQL Injection Vulnerability # Google Dork: Use your head # Date: 4/21/2014 # Vendor H... ... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
First reported Apr 22 2014 - Updated Apr 22 2014 - 2 reports

KnowledgeTree Blind SQL Injection

Topic: KnowledgeTree Blind SQL Injection Risk: Medium Text:Product description:KnowledgeTree is document management system that makes it easy to secure, share, track and manage t... ... [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
First reported Apr 22 2014 - Updated Apr 22 2014 - 1 reports

WordPress JS External Link Info Cross Site Scripting

Topic: WordPress JS External Link Info Cross Site Scripting Risk: Low Text:## # Exploit Title : Wordpress Wp Js External link Info Cross Site Scripting # # Exploit Author : Ashiyane Digi... ... [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
First reported Apr 22 2014 - Updated Apr 22 2014 - 1 reports

DuBose Web Group CMS Cross Site Scripting

Topic: DuBose Web Group CMS Cross Site Scripting Risk: Low Text:# Cross Site Scripting on DuBose Web Group CMS # Risk: Low # CWE number: CWE-79 # Date: 19/04/2014 # Vendor: www.duboseweb.... ... [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
First reported Apr 21 2014 - Updated Apr 21 2014 - 1 reports

phpManufaktur / kitForm <= 0.43 SQL Injection

Topic: phpManufaktur / kitForm <= 0.43 SQL Injection Risk: Medium Text:Happy easter..* Product: phpManufaktur / kitForm * Version: <= 0.43 (2013-11-22) * Date: 2014-04-20 * Criticality: Mediu... ... [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
Entities: SQL Injection
First reported Apr 21 2014 - Updated Apr 21 2014 - 1 reports

systemd create or overwrite arbitrary files

Topic: systemd create or overwrite arbitrary files Risk: Medium Text:The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows lo... ... [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
First reported Apr 21 2014 - Updated Apr 21 2014 - 2 reports

Wordpress Themes Theagency File Upload Vulnerability

Topic: Wordpress Themes Theagency File Upload Vulnerability Risk: High Text:## Title : Wordpress Themes Theagency File Upload Vulnerability# Author : AnonBoy... ... [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
First reported Apr 17 2014 - Updated Apr 17 2014 - 2 reports

Ektron CMS 8.7 Cross Site Scripting

Topic: Ektron CMS 8.7 Cross Site Scripting Risk: Low Text: --BEGIN PGP SIGNED MESSAGE -- Hash: SHA1Stored Cross Site Scripting in Ektron CMS 8.7CVE reference: CVE-2014-2729 Af... ... [Published SecurityAlert Database - Vulnerability Database - Apr 17 2014]

Quotes

Use CVE-2013-7353 for "png_set_unknown_chunks in libpng/pngset.c ... Fixed in lib..."
Topic: BlazeDVD Pro Player 6.1 Buffer Overflow Risk: High Text:## EDB Note, XPSP3 - my $eip = pack( "V',0x7c868667); #jmp ESP on kernel32.dll"

More Content

All (660) | News (0) | Reports (0) | Blogs (660) | Audio/Video (0) | Fact Sheets (0) | Press Releases (0)
sort by: Date | Relevance
Parallels Plesk Panel 12.x Key Disclosure [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Sixnet Sixview 2.4.1 Directory Traversal [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
No-CMS 0.6.6 Rev 1 Account Hijack / Remote Comm... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Symantec Messaging Gateway 10.5.1 Cross Site Sc... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
iDevAffiliate 5.x SQL Injection [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
KnowledgeTree Blind SQL Injection [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
WordPress JS External Link Info Cross Site Scri... [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
PTCeffect 4.6 Local File Inclusion / SQL Injection [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
Wapoweb SQL Injection [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
DuBose Web Group CMS Cross Site Scripting [Published SecurityAlert Database - Vulnerability Database - Apr 22 2014]
phpManufaktur / kitForm <= 0.43 SQL Injection [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
systemd create or overwrite arbitrary files [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
Wordpress Themes Theagency File Upload Vulnerab... [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
Media Player Classic Memory Corruption [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
WordPress File Disclosure Vulnerability [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
CGR BRASIL CMS Sql Injection [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
Teracom Modem CSRF Vulnerability [Published SecurityAlert Database - Vulnerability Database - Apr 21 2014]
Adobe Flash Player Regular Expression Heap Over... [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
CU3ER 1.24 Cross Site Scripting / Content Spoofing [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
Sercomm TCP/32674 Backdoor Reactivation [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
Linux group_info Denial Of Service [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
vBulletin 5.1 Cross Site Scripting [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
Ruby Gem sfpagent 0.4.14 Command Injection [Published SecurityAlert Database - Vulnerability Database - Apr 19 2014]
Nagios Remote Plugin Executor 2.15 Remote Comma... [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
ASUS RT Password Disclosure [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
McAfee Security Scanner Plus Rogue Binary Execu... [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
D-Link DAP-1320 Directory Traversal / Cross Sit... [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
CMSimple 4.4.2 Remote File Inclusion [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
F-Secure Messaging Security Gateway 7.5.0.892 C... [Published SecurityAlert Database - Vulnerability Database - Apr 18 2014]
Ruby OpenSSL private key spoofing [Published SecurityAlert Database - Vulnerability Database - Apr 17 2014]
1 2 3 4 5 6 7 8 9 10 ...
Content Volume
Document Volume
Network
Network

Blogs

sort by: Date | Relevance
Parallels Plesk Panel 12.x Key Disclosure [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Topic: Parallels Plesk Panel 12.x Key Disclosure Risk: High Text:While auditing the source code for Parallels Plesk Panel 12.x on Linux I noticed the following feature that leads to leakage o... ...
Sixnet Sixview 2.4.1 Directory Traversal [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Topic: Sixnet Sixview 2.4.1 Directory Traversal Risk: Medium Text:#Exploit Title: Sixnet sixview web console directory traversal #Date: 2014-04-21 #Exploit Author: daniel svartman #Vendor Ho... ...
No-CMS 0.6.6 Rev 1 Account Hijack / Remote Comm... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Topic: No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution Risk: High Text:<?php /* * * Static encryption_key of No-CMS lead to Session Array Injection in order to * hijack administrator account the... ...
Symantec Messaging Gateway 10.5.1 Cross Site Sc... [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Topic: Symantec Messaging Gateway 10.5.1 Cross Site Scripting Risk: Low Text:I. VULNERABILITY-Reflected XSS Attacks vulnerability in Symantec Messaging Gateway Version 10.5.1II. ... ...
iDevAffiliate 5.x SQL Injection [Published SecurityAlert Database - Vulnerability Database - 22 hours ago]
Topic: iDevAffiliate 5.x SQL Injection Risk: Medium Text:# Exploit Title: iDevAffiliate <= v5.x SQL Injection Vulnerability # Google Dork: Use your head # Date: 4/21/2014 # Vendor H... ...
1 2 3 4 5 6 7 8 9 10 ...
Contact Us
Sales
Support


Freebase CC-BY Some image thumbnails are sourced from Freebase, licensed under CC-BY

Copyright (C) 2014 Silobreaker Ltd. All rights reserved.
The selection and placement of stories and images on any Silobreaker page are determined automatically by a computer program.
The time or date displayed reflects when an article was added to or updated in Silobreaker.