Bugtraq: by date

763 messages starting Jun 01 06 and ending Jun 30 06

Thursday, 01 June

multiple file inclusion exploits in ovidentia v5.8.0 black code
FreeBSD Security Advisory FreeBSD-SA-06:16.smbfs FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-06:15.ypserv FreeBSD Security Advisories
multiple file inclusion exploits in ovidentia v5.8.0 black-cod3
ishopcart cgi 0day and multiple vulnerabilities bugtraq
TAL RateMyPic v1.0 luny
Snort HTTP Inspect Pre-Processor Uricontent Bypass Christian Swartzbaugh
Squirrelmail local file inclusion brokejunker
SyScan'06 - The Hackers' Conference in Asia thomas48
[SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities Martin Schulze
Re: Internet explorer Vulnerbility Alexander Sotirov
Corsaire Security Advisory - VMware ESX Server Cross Site Scripting issue advisories
Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. rgod
[ MDKSA-2006:094 ] - Updated evolution packages fix DoS (crash) vulnerability on certain messages. security
CA Forum Remote SQL Injection omnipresent
Forensic memory dumping intricacies - PhysicalMemory, DD, and caching issues Arne Vidstrom
Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities Yannick von Arx
RE: Internet explorer Vulnerbility Peter Kruse

Friday, 02 June

Re: PHPSimple Choose v0.3 prattmic
northstudio Cross Site Scripting Vulnerability CrAzY . CrAcKeR
SMF 1.0.7 and lower plus 1.1rc2 and lower - IP spoofing vulnerability/IP ban evasion vulnerability Jessica Hope
Re: my Web Server << v-1.0 Denial of Service Exploit Steven M. Christey
Re: [SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities Thomas Dickey
Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. nukedx
VMSA-2006-0002 - VMware Server sensitive information lifetime issue VMware Security Team
Weblog Oggi v1.0 luny
PHP ManualMaker v1.0 luny
Bytehoard 2.1 Remote File Include beford
Re: Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions. mikes
newsfactory Cross Site Scripting & SQL injection CrAzY . CrAcKeR
Re: Squirrelmail local file inclusion Paul Schmehl
Redaxo CMS <= 3.2 Remote File Include beford
New Snort Bypass - Patch - Bypass of Patch Sigint Consulting
aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit ajannhwt
MyTrueHood.com - XSS luny
[SECURITY] [DSA 1086-1] New xmcd packages fix denial of service Martin Schulze
new bug webmaster
Pro Publish SQL Injection and XSS Vulnerabilities Soothackers
# MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit erne ayaz
[DRUPAL-SA-2006-005] Drupal 4.6.7 / 4.7.1 fixes SQL injection issue Uwe Hermann
[DRUPAL-SA-2006-007] Drupal 4.6.8 / 4.7.2 fixes arbitrary file execution issue Uwe Hermann
[DRUPAL-SA-2006-008] Drupal 4.6.8 / 4.7.2 fixes XSS issue Uwe Hermann
[DRUPAL-SA-2006-006] Drupal 4.6.7 / 4.7.1 fixes arbitrary file execution issue Uwe Hermann
rPSA-2006-0091-1 firefox thunderbird Justin M. Forbes
Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. Steven M. Christey
Re: New Snort Bypass - Patch - Bypass of Patch M. Dodge Mumford

Sunday, 04 June

Pixelpost <= 1-5rc1-2 multiple vulnerabilities rgod
[SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities Martin Schulze
[ECHO_ADV_32$2006] SCart 2.0 Remote Code Execution eufrato
Critical SQL Injection in CoolForum gmdarkfig
[SECURITY] [DSA 1088-1] New centericq packages fix arbitrary code execution Martin Schulze
Blackhat USA 2006 - Review , remarks and proposal agenda newslist () security-briefings com
Re: # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit nukedx
LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability ajannhwt
phpBB2 (template.php) Remote File Inclusion canberx
[MajorSecurity #7]dotWidget CMS <= 1.0.6 - Remote File Include Vulnerability admin
[SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution Martin Schulze
Re: New Snort Bypass - Patch - Bypass of Patch M. Dodge Mumford
DotClear <= 1.2.4 'blog_dc_path' (php5) arbitrary remote inclusion rgod
LifeType <=1.0.4 'articleId' SQL injection rgod
Re: WBB<--v2.3.4"misc.php" SQL injection Vulnerability nukedx
Re: OaBoard 1.0 Remote File inclusion Botan Rizgar
Re: [Info Disclosure] Diesel PHP Job Site Latest Version John F Flynn III
Re: Fire fox dos exploit pagvac
RE: Fire fox dos exploit Andy
Re: Fire fox dos exploit Ronald van den Blink
Re: Fire fox dos exploit Yannick von Arx
Re: Re: Fire fox dos exploit vincenzo . ampolo
Re: Fire fox dos exploit Phil Trainor
Re: Internet explorer Vulnerbility Hariharan
Re: phpFoX All Version Login Exploit purefan
VMSA-2006-0001 - VMware ESX Server Cross Site Scripting issue VMware Security Team
Re: Fire fox dos exploit Ronald van den Blink
Re: Fire fox dos exploit Aaron Hopkins
Timberland Search XSS Vulnerability try_og
New <<BackTrack release announcement Max Moser
SMS "messages.php" SQL injection CrAzY . CrAcKeR
XSS in ICQ.com sn4k3 . 23

Monday, 05 June

Client buffer-overflow in Quake 3 engine (1.32c / rev 795) Luigi Auriemma
Bookmark4U Remote File Include selfar2002
# MHG Security Team ---Rumble 1.02 version Remote File Inc. erne
# MHG Security Team ---Rumble 1.02 version Remote File Inc. MSN : erne [at] ernealizm [dot] com
Re: [Full-disclosure] bug in oscomerce Frank Laszlo
CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion SpC-x
Multiple Vendor NTFS Data Stream Malware Stealth Technique Joxean Koret
RE: phpBB2 (template.php) Remote File Inclusion Scrouaf _
LabWiki v1.0 luny
Kmita FAQ v1.0 luny
RE: Fire fox dos exploit Sanjay Rawat
TSLSA-2006-0032 - multi Trustix Security Advisor
LocazoList Classifieds <= v1.05e(viewmsg.asp) Remote SQL Injection Vulnerability ajannhwt
FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit ajannhwt
ewsEngine <= 1.5.0(newscomments.php) Remote SQL Injection Vulnerability ajannhwt
Advisory 04/2006: DokuWiki PHP code execution vulnerability in spellchecker Stefan Esser
Re: [Full Disclosure] [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability mac68k
[MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability admin
[MajorSecurity #9]HostAdmin <= 3.1 - Remote File Include Vulnerability admin
Re: phpBB2 (template.php) Remote File Inclusion ad () heapoverflow com
Personal Information Disclosure/Account Hijacking Vulerability in mafia online games Ulrich Keil
Dmx Forum <= v2.1a Remote Passwords Disclosure gmdarkfig
Re: New Snort Bypass - Patch - Bypass of Patch Pukhraj Singh
[Kil13r-SA-20060605] Syworks SafeNET Policy File Vulnerability mac68k
[Kil13r-SA-20060606] ESTsoft InternetDISK Arbitary Code Execution Vulnerability mac68k
[KAPDA::#47] - myNewsletter 1.1.2 SQL_Injection farhadkey
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Tobias Kreidl
Re: Bookmark4U Remote File Include str0ke
ASPScriptz Guest Book 2.0 XSS omnipresent
Re: PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn k . reznichak

Tuesday, 06 June

Re: Multiple Vendor NTFS Data Stream Malware Stealth Technique Andreas Marx
file include in Xtreme Downloads v.1.0 gamr-14
Re: phpBB2 (template.php) Remote File Inclusion Jessica Hope
Multiple file include exploits in Xtreme Downloads v.1.0 black code
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Kurt Seifried
Particle Gallery v1.0.0 luny
Partial Links v1.2.2 luny
ParticleSoft Whois v1.0.3 luny
Re: phpBB2 (template.php) Remote File Inclusion Aaron Klein
ParticleSoft Wiki v1.0.2 luny
[ MDKSA-2006:095 ] - Updated libtiff packages fixes tiffsplit vulnerability security
Re: phpBB2 (template.php) Remote File Inclusion Paul Laudanski
Re: # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit Steven M. Christey
GANTTy v1.0.3 luny
Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix Matt Riddell (IT)
IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass IRM Advisories
[SECURITY] [DSA 1090-1] New spamassassin packages fix remote command execution Martin Schulze
libgd 2.0.33 infinite loop in GIF decoding ? rocheml
Re: [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability admin
Re: Squirrelmail local file inclusion Steven M. Christey

Wednesday, 07 June

[ GLSA 200606-02 ] shadow: Privilege escalation Sune Kloppenborg Jeppesen
RE: Fire fox dos exploit Jaroslaw Sajko
Re: Buffer-overflow and crash in Fenice OMS 1.10 giampaolo . mancini
bug on showwich.asp ip . chat
BloggIT <= 1.01 (admin.php) Arbitrary code execution Federico Fazzi
Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass phil . mccracken
TinyPHP forum <= 3.6 Remote Command Execution Exploit hessamx
aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure Federico Fazzi
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Ray Van Dolson
Re: Re: Fire fox dos exploit al4321
Re: WebCalendar-1.0.3 reading of any files craig
Re: [Info Disclosure] Diesel PHP Job Site Latest Version Ronald van den Blink
XSS on LarkinWEB & Company spymeta
Re: Squirrelmail local file inclusion pauls
ADVISORY - D-Link Wireless Access-Point news
Re: XSS in ICQ.com 321_321
[HV-LOW] Microsoft NetMeeting memory corruption (Brief) vuln
[ GLSA 200606-03 ] Dia: Format string vulnerabilities Sune Kloppenborg Jeppesen
rPSA-2006-0096-1 spamassassin Justin M. Forbes
Vice Stats 0.5b SQL injection CrAzY . CrAcKeR
[ GLSA 200606-05 ] Pound: HTTP request smuggling Sune Kloppenborg Jeppesen
Re: XSS in ICQ.com 321_321
MyBB 1.1.2 New XSS o . y . 6
[FLSA-2006:189137-1] Updated mozilla packages fix security issues Marc Deslauriers
[ GLSA 200606-04 ] Tor: Several vulnerabilities Sune Kloppenborg Jeppesen
[ GLSA 200606-01 ] Opera: Buffer overflow Sune Kloppenborg Jeppesen
[FLSA-2006:190777] Updated X.org packages fix security issue Marc Deslauriers
MiraksGalerie <= 2.62 Multiple Remote command execution Federico Fazzi
Calendar Express 2 SQL injection CrAzY . CrAcKeR
[FLSA-2006:189137-2] Updated firefox package fixes security issues Marc Deslauriers
Re: XSS in ICQ.com 321_321
[FLSA-2006:190941] Updated ipsec-tools package fixes security issue Marc Deslauriers
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Bojan Zdrnja
[FLSA-2006:190884] Updated squirrelmail package fixes security issues Marc Deslauriers

Thursday, 08 June

[ MDKSA-2006:096 ] - Updated openldap packages fixes buffer overflow vulnerability. security
[ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability. security
PBL Guestbook v1.31 - XSS luny
[ MDKSA-2006:098 ] - Updated postgresql packages fixes SQL injection vulnerabilities. security
Mafia Moblog Full Path Disclosure / SQL injection simo64
Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns luny
Chemical Directory - XSS luny
Easy Ad-Manager luny
[NOBYTES.COM: #12] ViArt Shop v2.5.5 - XSS Vulnerability John Cobb
[ GLSA 200606-06 ] AWStats: Remote execution of arbitrary code Sune Kloppenborg Jeppesen
[MajorSecurity #10]i.List <= 1.5 - XSS admin
MiraksGalerie <= 2.62 Multiple Remote command execution Federico Fazzi
E-Dating System from scriptsez.net - XSS luny
[SECURITY] [DSA 1093-1] New xine-ui packages fix denial of service Martin Schulze
Ez Ringtone Manager from scriptez.net - XSS luny
GUESTEX guestbook code execution root
[USN-291-1] FreeType vulnerabilities Martin Pitt
cms-bandits 2.5, Remote command execution Federico Fazzi
Tikiwiki 1.9.3.2 security release marc
Internet Explorer vulnerbility Mr . Niega
Uninformed Journal Release Announcement: Volume 4 Uninformed Journal
Mathcad Area Lock Vulnerability bugtraq
NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure gmdarkfig
Back-end = 0.7.2.1 (jpcache.php) Remote command execution Federico Fazzi
PHP-Nuke <= 7.9 Search XSS Vulnerability try_og
[SECURITY] [DSA 1091-1] New TIFF packages fix arbitrary code execution Martin Schulze
Re: phpBannerExchange 2.0 Directory Traversal Vulnerability mopeygoff
bug of script injection in shoutcast servers mantasjadzevicius
Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass Hayden Searle
Re: Tiny Web Gallery <= 1.4 XSS tinywebgallery
Ie opera dos exploit co296
[USN-289-1] tiff vulnerabilities Martin Pitt
rPSA-2006-0098-1 gdm Justin M. Forbes
'Multiple Sql injection and XSS in integramod portal ahwaz
Re: Multiple Vendor NTFS Data Stream Malware Stealth Technique Gadi Evron
[SECURITY] [DSA 1092-1] New MySQL 4.1 packages fix SQL injection Martin Schulze
Re: [Full-disclosure] RealVNC 4.1.1 Remote Compromise Jose Ramirez
Re: aWebNews <= 1.0 (login.php) Remote DocumentRoot file disclosure str0ke
[security bulletin] HPSBMA02121 SSRT061157 rev.2 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution security-alert
[security bulletin] HPSBUX02090 SSRT051058 rev.2 - HP-UX Secure Shell Remote Denial of Service (DoS) security-alert
SSL VPNs and security Michal Zalewski

Friday, 09 June

[USN-295-1] xine-lib vulnerability Martin Pitt
Re: SSL VPNs and security Amit Klein (AKsecurity)
[ GLSA 200606-07 ] Vixie Cron: Privilege Escalation Sune Kloppenborg Jeppesen
[USN-294-1] courier vulnerability Martin Pitt
[SECURITY] [DSA 1094-1] New gforge packages fix cross-site scripting Moritz Muehlenhoff
okscripts.com - XSS Vulns luny
Dell Openmanage CD Vulnerability wiz561
iFoto v0.20-06/06/06 luny
[USN-292-1] binutils vulnerability Martin Pitt
phazizGuestbook v2.0 - XSS luny
[USN-293-1] gdm vulnerability Martin Pitt
Re: PHP-Nuke <= 7.9 Search XSS Vulnerability try_og
Docebo CMS 3.0.3, Remote command execution Federico Fazzi
Docebo Core 3.0.3, Remote command execution Federico Fazzi
mole.com.ua Booking Script luny
Re: libgd 2.0.33 infinite loop in GIF decoding ? Xavier Roche
mole.com.ua Ticket Booking Script - XSS luny
Re: DGbook v1.0 - XSS diangemilang
Docebo Kms 3.0.3, Remote command execution Federico Fazzi
MobeSpace v2.0 - XSS luny
Docebo Lms 3.0.3, Remote command execution Federico Fazzi
Re: SSL VPNs and security E Mintz
Re: SSL VPNs and security Michal Zalewski
[ GLSA 200606-08 ] WordPress: Arbitrary command execution Sune Kloppenborg Jeppesen
Secunia Research: SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities Secunia Research
Secunia Research: AutoMate unacev2.dll Buffer Overflow Vulnerability Secunia Research
TinyMuw v1.0 - XSS luny
PHP-Nuke Download Module Remote SQL Injection BuNy-m
CORE-2006-0327: IAXclient truncated frames vulnerabilities Core Security Technologies advisories
Contensis CMS XSS vunerability smigofthedump
Re: IRM 019: MailMarshal 6.1 SMTP MTA Content Filter Bypass alberto
[USN-288-2] PostgreSQL server/client vulnerabilities Martin Pitt
[USN-288-3] PostgreSQL client vulnerabilities Martin Pitt
Windows Software Restriction Policy Protection Bypass 3APA3A
P.A.I.D v2.2 luny
ST AdManager Lite v1 luny
Re: [Full-disclosure] Windows Software Restriction Policy Protection Bypass Dinis Cruz
0verkill 0.6, Remote integer overflow Federico Fazzi
TSLSA-2006-0034 - multi Trustix Security Advisor
[USN-296-1] firefox vulnerabilities Martin Pitt
[Kil13r-SA-20060609-1] Daum Search Cross-Site Scripting Vulnerability mac68k
[Kil13r-SA-20060609-2] DaNaWa Search Cross-Site Scripting Vulnerability mac68k
[Kil13r-SA-20060609-3] DreamWiz Search Cross-Site Scripting Vulnerability mac68k
CORE-2006-0330: Asterisk PBX truncated video frame vulnerability Core Security Technologies advisories
rPSA-2006-0099-1 openldap openldap-clients openldap-servers Justin M. Forbes

Saturday, 10 June

[SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities Martin Schulze
Ringlink v3.2 - XSS luny
fx-APP Version 0.0.8.1 luny
AsianXO.com - XSS with cookie data include luny
Tempinbox.com luny
[MajorSecurity #11]OpenCMS<= 6.2.1 - XSS admin
[MajorSecurity #13]Cabacos Web CMS<= 3.8 - XSS admin
[MajorSecurity #14]CFXe-CMS <= 2.0 - XSS admin
Joomla! 1.0 Remote File Inclusion c4nberx
[MajorSecurity #12]ZMS<= 2.9 - XSS admin
ERRATA: [ GLSA 200604-10 ] zgv: Heap overflow Sune Kloppenborg Jeppesen
[KAPDA::#47] - Snitz Forum <= 3.4.05 SQL-Injection Vulnerability farhadkey

Monday, 12 June

[ GLSA 200606-10 ] Cscope: Many buffer overflows Sune Kloppenborg Jeppesen
igloo DoubleSpeak v 0.1 Multiple remote file inclusion aminrayden
Mydeardiary.com - XSS luny
Diaryland.com - XSS luny
[ GLSA 200606-11 ] JPEG library: Denial of Service Sune Kloppenborg Jeppesen
[ GLSA 200606-12 ] Mozilla Firefox: Multiple vulnerabilities Sune Kloppenborg Jeppesen
[ GLSA 200606-13 ] MySQL: SQL Injection Sune Kloppenborg Jeppesen
5 Star Review - review-script.com - XSS w/ cookie output luny
Secunia Research: MyBB "domecode()" PHP Code Execution Vulnerability Secunia Research
Lycos.com - XSS vulnerability admin
Hotbot.com - XSS vulnerability in search engine admin
Re: iFoto v0.20-06/06/06 aizu . ikmal
vbulletin.com Multiple XSS Vulnerabilities chris
WinSCP - URI Handler Command Switch Parsing Jelmer Kuperus
RCblog 1.03 Directory Traversal [index.php] irc0d3r
CS-Forum <= 0.81 Cross Site Scripting, SQL Injection, Full Path Disclosure gmdarkfig
tempnam() Bypass unique file name PHP 5.1.4 cxib
Wanderlist.com - XSS vuln with sessions disclosure luny
Myscrapbook v3.1 - XSS luny
PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities redl_ine
[KAPDA::48]CopperminePhotoGallery1.4.8~ addhit() function~ SQLinjection attack addmimistrator
Foing (manage_songs.php) Remote File Inclusion[phpBB] darkfire
Opengaia.com - XSS Vuln & Session Include luny
sorry i wrong something, this is original AWF CMS 1.11 adv Federico Fazzi
Nowtalking.com - XSS luny
Wireclub.com - XSS & cookie disclosure luny
cescripts.com - XSS luny
Virtualtourist.com - XSS with cookie disclosure luny
ThWboard 3.0 <= SQL Injection 666
Windows XP Task Scheduler Local Privilege Escalation (Advisory) zipk0der
Stargazer.org - XSS with Session output luny
Onlinenode.com - XSS luny
[ GLSA 200606-14 ] GDM: Privilege escalation Sune Kloppenborg Jeppesen
Re: igloo DoubleSpeak v 0.1 Multiple remote file inclusion str0ke
rPSA-2006-0100-1 freetype Justin M. Forbes
[ MDKSA-2006:099 ] - Updated freetype2 packages fixes multiple vulnerabilities. security
Re: SSL VPNs and security wnorth
RE: Internet Explorer vulnerbility Greg Merideth (Forward Technology)
myPHP Guestbook 2.0.2 XSS Vulnerabilitie x0r_1
Re: SSL VPNs and security thanekamp
Flork.com luny
Vampirefreaks.com - XSS with cookie disclosure luny
# MHG Security Team --- PHORUM 5.1.13 Remote File Inc. erne
[EEYEB-20060524] Symantec Remote Management Stack Buffer Overflow eEye Advisories
[ GLSA 200606-09 ] SpamAssassin: Execution of arbitrary code Sune Kloppenborg Jeppesen
Meefo.com - XSS with cookie include luny
Re: SSL VPNs and security E Mintz
Re: Internet Explorer vulnerbility Andrei Ponomarev
Yourfacesucks.com - XSS & cookie disclosure luny
Blackplanet.com - XSS & cookie disclosure vuln. luny
Re: Ie opera dos exploit Daniel Hoffmann
Re: Windows XP Task Scheduler Local Privilege Escalation (Advisory) Eliah Kagan
Invision Power Board XSS kepche
Re: Internet Explorer vulnerbility Michael N. Telnov
internet explorer vulnerability based on MarjinZ & Mr.Niega discovered Kevin Berkane
[FSA013] phpCMS 1.2.1pl2, Remote command execution Federico Fazzi
Call For Papers - No cON Name 2006 Edition Spain Jose Nicolas Castellano
Emllabs.com - XSS luny
Content-Builder (CMS) 0.7.5, Remote command execution Federico Fazzi
DCP-Portal 6.1.x, Remote command execution Federico Fazzi

Tuesday, 13 June

Re: BUGTRAQ:20060611 ThWboard 3.0 <= SQL Injection Steven M. Christey
Re: SSL VPNs and security Michal Zalewski
VBZooM <<-- V1.11 "show.php" SQL injection CrAzY . CrAcKeR
VBZooM <<--V1.02 "meaning.php" SQL injection CrAzY . CrAcKeR
VBZooM <<--V1.11 "subject.php" SQL injection CrAzY . CrAcKeR
[SECURITY] [DSA 1096-1] New webcalendar packages fix arbitrary code execution Martin Schulze
VBZooM <<--V1.01 "language.php" SQL injection CrAzY . CrAcKeR
multiple Xss exploits in 35mmslidegallery V6 black code
Simpnews <= All version - Remote File Include Vulnerabilities SpC-x
High Risk Vulnerability in Microsoft Windows RASMAN Service Peter Winter-Smith
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow labs-no-reply
iDefense Security Advisory 06.13.06: Microsoft Internet Explorer ART File Heap Corruption Vulnerability labs-no-reply
ZDI-06-017: Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability zdi-disclosures
PHP MESSENGER 1.0 Version - Remote File Include Vulnerability SpC-x
Jobline 1 1 1 Version - Remote File Include Vulnerability SpC-x
Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities SpC-x
S H O U T B O X (v1.5) Version - Remote File Include Vulnerability SpC-x
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS labs-no-reply
Re: Shoutpro 1.0 Version - Remote File Include Vulnerability Steven M. Christey
Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities SpC-x
[REVERSEMODE ADVISORY] MS06-030 - Microsoft Mrxsmb.sys privilege escalation advisory Reversemode
# MHG Security Team --- PHPAskIt v2.0.1 Remote File Inc. erne
Re: Simpnews <= All version - Remote File Include Vulnerabilities str0ke
Web-CMS <<--1.0 "print.php" SQL injection CrAzY . CrAcKeR
[REVERSEMODE ADVISORY] MS06-030 NtClose DeadLock. Reversemode
TikiWiki Sql injection & XSS Vulnerabilities bug () securitynews ir
Re: vbulletin.com Multiple XSS Vulnerabilities contact
blur6ex <= 0.3.462 'ID' blind sql injection rgod
Re: PHP-Nuke <= 7.9 Search XSS Vulnerability Paul Laudanski
REMOTE FILE INCLUSION ( ALL ) SpC-x
iDefense Security Advisory 06.13.06: Windows Media Player PNG Chunk Decoding Stack-Based Buffer Overflow labs-no-reply
RE: Dell Openmanage CD Vulnerability Michael Scheidell
Chipmailer <= 1.09 Multiple Vulnerabilities tamriel
RE: Windows Software Restriction Policy Protection Bypass Roger A. Grimes
GamePlay.co.uk XSS charlie
PhpMyFactures 1.0 Cross Site Scripting, SQL Injection, Full Path Disclosure and others gmdarkfig
Oracle DBMS_STANDARD security problem putosoft softputo
Re: PaintedOver.com, Inc. 2004-2006 Xss Vulnerabilities reports
file include exploits in mcGuestbook 1.3 gamr-14
SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution research
Simpleshout 1.6.0 Version - Remote File Include Vulnerability SpC-x
ZDI-06-018: Microsoft Internet Explorer DXImageTransform ActiveX Memory Corruption Vulnerability zdi-disclosures
Shoutpro 1.0 Version - Remote File Include Vulnerability SpC-x
G Shout 1.3.1 Version - Remote File Include Vulnerability SpC-x
[MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities admin

Wednesday, 14 June

[USN-297-1] Thunderbird vulnerabilities Martin Pitt
[USN-298-1] libgd2 vulnerability Martin Pitt
[USN-288-4] dovecot regression fix Martin Pitt
Secunia Resaerch: Internet Explorer Exception Handling Memory Corruption Vulnerability Secunia Research
[USN-299-1] dhcdbd vulnerability Martin Pitt
Black Hat Speakers + 2005 Content on-line Jeff Moss
Secunia Research: PicoZip "zipinfo.dll" Multiple Archives Buffer Overflow Secunia Research
[ MDKSA-2006:099-1 ] - Updated freetype2 packages fixes multiple vulnerabilities. security
[ MDKSA-2006:100 ] - Updated gdm packages fix vulnerability security
Re: REMOTE FILE INCLUSION ( ALL ) Steven M. Christey
Freeze Greetings Cards PWD.txt alp_eren
bbrss PhpBB (phpbb_root_path) Remote File Inclusion SpC-x
wbb<<--v 2.2.2 "thread.php" SQL injection CrAzY . CrAcKeR
wbb<<--v 2.2.1 "studienplatztausch.php" SQL injection CrAzY . CrAcKeR
wbb<<--v 2.1.6 "profile.php" SQL injection CrAzY . CrAcKeR
[ GLSA 200606-16 ] DokuWiki: PHP code injection Sune Kloppenborg Jeppesen
SEC Consult SA-20060613-0 :: Outlook Web Access Cross Site Scripting Vulnerability SEC Consult Research
Flipper Poll (root_path) Remote File Inclusion SpC-x
[ GLSA 200606-15 ] Asterisk: IAX2 video frame buffer overflow Sune Kloppenborg Jeppesen
Fusion Polls (xtrphome) Remote File Inclusion SpC-x
[KDE Security Advisory] KDM symlink attack vulnerability Dirk Mueller
[SECURITY] [DSA 1097-1] New Kernel 2.4.27 packages fix several vulnerabilities Moritz Muehlenhoff
PhpBlueDragon CMS 2.9.1, File inclusion vulnerability Federico Fazzi
MySQL DoS Kanatoko
[ MDKSA-2006:101 ] - Updated squirrelmail packages fix vulnerabilities security
[SECURITY] [DSA 1098-1] New horde3 packages fix cross-site scripting Moritz Muehlenhoff
[ MDKSA-2006:102 ] - Updated libtiff packages fixes tiff2pdf vulnerability security
[FSA016] ISPConfig 2.2.3, File inclusion vulnerability Federico Fazzi
[USN-301-1] kdm vulnerability Martin Pitt
[ MDKSA-2006:103 ] - Updated spamassassin packages fix vulnerability security
Secunia Research: CMS Mundo SQL Injection and File Upload Vulnerabilities Secunia Research
EC2ND - Call for Papers Blyth A J C (Comp)
[SECURITY] [DSA 1099-1] New horde2 packages fix cross-site scripting Moritz Muehlenhoff
FreeBSD Security Advisory FreeBSD-SA-06:17.sendmail FreeBSD Security Advisories
Secunia Research: DeluxeBB SQL Injection and File Inclusion Vulnerabilities Secunia Research
[USN-300-1] wv2 vulnerability Martin Pitt

Thursday, 15 June

Re: Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities Steven M. Christey
ePrayver v.Alpha - XSS luny
APBoard 2.2-r3 <= SQL Injections 666
[ MDKSA-2006:104 ] - Updated sendmail packages fix remotely exploitable vulnerability security
Re: MySQL DoS Tonnerre Lombard
[SECURITY] [DSA 1100-1] New wv2 packages fix integer overflow Martin Schulze
MP3 Search/Archive v1.2 - XSS luny
Advisory: Authentication bypass in phpBannerExchange RedTeam Pentesting
Advisory: Unauthorized password recovery in phpBannerExchange RedTeam Pentesting
HotPlugCMS_1.0 - SQL Injection Vulnerability guest01
Andys Chat 4.5 (action) Remote File Inclusion SpC-x
[USN-297-2] Thunderbird extensions update for recent security update Martin Pitt
[ GLSA 200606-18 ] PAM-MySQL: Multiple vulnerabilities Sune Kloppenborg Jeppesen
Regarding "SMB Invalid Handle Value" - MS06-030. Vulnerability not fixed. Reversemode
[ GLSA 200606-19 ] Sendmail: Denial of Service Sune Kloppenborg Jeppesen
[ GLSA 200606-17 ] OpenLDAP: Buffer overflow Sune Kloppenborg Jeppesen
rPSA-2006-0106-1 kdebase Justin M. Forbes
HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities Federico Fazzi
rPSA-2006-0105-1 arts Justin M. Forbes

Friday, 16 June

TSLSA-2006-0036 - multi Trustix Security Advisor
dvdwolf SQL injection/XSS CrAzY . CrAcKeR
[USN-303-1] MySQL vulnerability Martin Pitt
Boardhost.com - XSS luny
[security bulletin] HPSBUX02115 SSRT061077 rev.1 - HP-UX running Support Tools Manager (xstm, cstm, stm) Local Denial of Service (DoS) security-alert
Develooping Flash Chat (banned_file) Remote File Inclusion SpC-x
Re: Several flaws in e-business designer (eBD) ebd . soporte
aXentForum II XSS vuLLn SnoBmsn
Indexu v 5.0.01 Multiple Remote File Include Vulnerabilities KARKOR23
file include exploits in nucleus 3.23 gamr-14
Re: [FSA016] ISPConfig 2.2.3, File inclusion vulnerability t . brehm
Chatizens.com - XSS with cookie disclosure luny
Calendarix 0.7.20060401, SQL Injection Vulnerabilities Federico Fazzi
Ji-takz Chat (mycfg) Remote File Inclusion SpC-x
Carspace.com - XSS with cookie disclosure luny
Zeroboard File Upload & extension bypass Vulnerability mins
Cisco Secure ACS Cross Site Scripting Vulnerability. liam . romanis
Blacksingles.com - XSS & cookie disclosure luny
file include exploits in mcGuestbook 1.3 SWEET SWEET
PHP security (or the lack thereof) Darren Reed
[ MDKSA-2006:105 ] - Updated kdebase packages fix local vulnerability in kdm security
PictureDis Products "lang" Parameter File Inclusion Vulnerability root-hacked
Re: Secunia Research: PicoZip "zipinfo.dll" Multiple Archives BufferOverflow c0rrupt
[ MDKSA-2006:106 ] - Updated mdkkdm packages fix local vulnerability security
Re: [Bugtraq ID: 17909] ISPConfig Session.INC.PHP Remote File Include Vulnerability t . brehm
Youtube.com - XSS & cookie disclosure luny
Bingbox.com - XSS & cookie disclosure luny

Saturday, 17 June

RE: Cisco Secure ACS Cross Site Scripting Vulnerability. Paul Oxman (poxman)
file include exploits in dotwidgeta Version 2 SWEET SWEET
Simple PHP Poll Authecnication Admin ByPass alp_eren
Netscape.com - Cross site scripting vulnerability admin
webcrawler.com - Cross site scripting vulnerability admin
GreatDomains.com - XSS with cookie disclosure admin
Re: PHP security (or the lack thereof) Bojan Zdrnja
Re: PHP security (or the lack thereof) Steven M. Christey
bitweaver <= v1.3 multiple vulnerabilities rgod
[ECHO_ADV_33$2006] CMS Faethon 1.3.2 mainpath Remote File Inclusion eufrato
Re: PHP security (or the lack thereof) Jose Nazario
Housecarers.com - XSS & cookie disclosure luny
Dealgates.com - XSS with cookie disclosure luny
Re: Bingbox.com - XSS & cookie disclosure Sven Vetsch
Mambo <= 4.6rc1 sql injection rgod
Cline Communications Sql injection liz0
Hotscripts.com - XSS with cookie disclosure luny
XSS in GardenWeb nanoymaster
Apnaspace.com - XSS with cookie disclosure luny
Cybersocieties.com - XSS & cookie disclosure luny
Re: SSL VPNs and security Eloy Paris
hi5.com - XSS with cookie disclosure luny
Re: GamePlay.co.uk XSS Patrick Morris
Re: RE: Internet Explorer vulnerbility Charles Hamby
ISO.org - XSS vulnerability admin
alipager xss attack s3rv3r_hack3r
Proof of concept: mybb 1.1.2 remote code execution Javier Olascoaga
[Kurdish Security # 8] DCP-Portal Remote File Include Vulnerability [Editor DHTML] botan
Facerave.com - XSS & sessions disclosure luny
animesuki XSS nanoymaster
Re: PHP Advanced Transfer Manager Download users password hashes jn
Windowsitpro.com - XSS with cookie disclosure luny
Ratescene.co.uk - XSS with session disclosure luny
Macworld.com - XSS vulnerability admin
About.com - XSS with cookie disclosure luny
Ratemylook.co.uk - XSS with session disclosure luny
Re: Ie opera dos exploit Nathaniel Hasenfus
Palm.com - XSS vulnerability admin
webcrawler.com - XSS vulnerability in search-engine admin
VampireFreaks journal XSS nanoymaster
Ashop Search Module SQL injection entrika_fs
Facetherating.com - XSS & session disclosure luny

Sunday, 18 June

Confixx <= 3 kr4ch
Confixx <= 3 kr4ch
B3ta.com - XSS with cookie disclosure luny
Biblenet.net - XSS luny
SinFP 2.00 - a major release with many new features GomoR
RahnemaCo Remote File Inclusion Exploit Breeeeh
Re: REMOTE FILE INCLUSION ( ALL ) eufrato
Blogspot.com - XSS with cookie disclosure luny
43things.com - XSS with cookie disclosure luny
Technorati.com - XSS with cookie disclosure luny
Re: MySQL DoS xhire
PTT.yu Guestbook Vulnebility us3rg0d
vbzoom V1.11 forum.php SQL Injection Vulnerabilities KARKOR23
mp3.com - Cross site scripting vulnerability admin
XSS in http://www.newscientist.com/ - Search viz . security

Monday, 19 June

MPCS v0.2 - XSS luny
Microsoft Excel 0-day Vulnerability FAQ document written Juha-Matti Laurio
[security bulletin] HPSBTU02116 SSRT061135 rev.2 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) security-alert
e107 v0.7.5 XSS securityconnection
Re: [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities ellinger
VBZooM <<--V1.00 "rank.php" SQL injection CrAzY . CrAcKeR
XSS Vulnerability in Maximus SchoolMAX Fixer
VBZooM <<--V1.11 "message.php" SQL injection CrAzY . CrAcKeR
vuBB <= 0.2.1 [BFA] SQL Injection Exploit + Advisory link gmdarkfig
VBZooM <<--V1.00 "lng.php" SQL injection CrAzY . CrAcKeR
SaphpLesson<<--1.1 "misc.php" SQL injection CrAzY . CrAcKeR
PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities selfar2002
[ GLSA 200606-21 ] Mozilla Thunderbird: Multiple vulnerabilities Sune Kloppenborg Jeppesen
onedotoh xss atack alijsb
[ GLSA 200606-20 ] Typespeed: Remote execution of arbitrary code Sune Kloppenborg Jeppesen
Re: PHP security (or the lack thereof) Geo.
Easy CMS 0.1.2 Php Shell Upload Vulnerabilities liz0
singapore gallery <= 0.10.0 Multiple Vulnerabilities simo64
WeBBoA Hosting Script SQL Injection entrika_fs
Re: PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities stormhacker
Dragons Kingdom v1.0 - XSS & cookie disclosure luny
Re: PHP security (or the lack thereof) Neil Neely
Vm ware 0day dos exploit by n00b. co296
qtofilemanager xss attack ! alijsb
V3Chat Instant Messenger - XSS luny
Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks Reynolds, Jake

Tuesday, 20 June

Janus Contact Charles Hamby
Re: Vm ware 0day dos exploit by n00b. Paul Szabo
Re: Vm ware 0day dos exploit by n00b. Eliah Kagan
trifinite Security Advisory: Buffer Overrun in Toshiba Bluetooth Stack for Windows Martin Herfurt
display.cgi soltan_defacer
Multiple Bypass and Integrity Lost Vulnerabilities egavriil
vBulletin<<--v3.5.X "member.php" Cross Site Scripting CrAzY . CrAcKeR
[MajorSecurity #18] Ralf Image Gallery <=0.7.4 - Multiple XSS, Remote File Include and directory traversal vulnerabilities admin
Re: MAXDEV CMS Multiple vulnerabilities pete
Module's Name Downloads <<--V 7 SQL injection CrAzY . CrAcKeR
Module's Name Content<<--V1.0 SQL injection CrAzY . CrAcKeR
RahnemaCo "page.php" Remote File Inclusion[2] CrAzY . CrAcKeR
ULtimate PHP Board <= 1.96 GOLD Code Execution (exploit code) mbrooks

Wednesday, 21 June

[ MDKSA-2006:107 ] - Updated arts packages fix vulnerability in artswrapper security
JEdit ActiveX Control Information Disclosure vulnerability bulten
Sendmail MIME DoS vulnerability Jain, Siddhartha
Re: Vacation Retal Script v1.0 radu
[ MDKSA-2006:108 ] - Updated xine-lib packages fix buffer overflow vulnerabilities security
Opera 9 DoS PoC N9
Bypassing of web filters by using ASCII k . huwig
Re: display.cgi eufrato
Re: Bypassing of web filters by using ASCII Fixer
[ MDKSA-2006:110 ] - Updated gnupg packages fix vulnerability security
Re: possible SQL injection in Subdreamer ziad
Re: file include exploits in nucleus 3.23 nukedx
Re: # MHG Security Team --- PHORUM 5.1.13 Remote File Inc. brian
Re: PHP security (or the lack thereof) Jessica Hope
Eduha Meeting php shell upload Vulnerabilities liz0
Re: PHP security (or the lack thereof) Alan J Rosenthal
Re: PHP security (or the lack thereof) kicktd
Re: PHP security (or the lack thereof) Geo.
Digital Armaments July-August Hacking Challange: Microsoft info
cjGuestbook v1.3 - XSS luny
Excel 0-day FAQ updated with Microsoft advisory information Juha-Matti Laurio
Somechess v1.5 rc1 - XSS luny
Re: Bypassing of web filters by using ASCII Paul
[ MDKSA-2006:109 ] - Updated wv2 packages fix vulnerability security

Thursday, 22 June

Re: Bypassing of web filters by using ASCII Kurt Huwig
Re: Bypassing of web filters by using ASCII RSnake
Re: Bypassing of web filters by using ASCII Kurt Huwig
Re: PHP security (or the lack thereof) Crispin Cowan
MS Excel Remote Code Execution POC Exploit naveed
Re: aXentForum II XSS vuLLn Steven M. Christey
Re: Bypassing of web filters by using ASCII Amit Klein (AKsecurity)
Re: V3Chat Instant Messenger - XSS support
Re: Bypassing of web filters by using ASCII Kurt Huwig
VigilantMinds Advisory: Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01) VigilantMinds Advisories
Re: Bypassing of web filters by using ASCII Hubert Seiwert
[ GLSA 200606-22 ] aRts: Privilege escalation Sune Kloppenborg Jeppesen
RE: MS Excel Remote Code Execution POC Exploit Jain, Siddhartha
Re: MS Excel Remote Code Execution POC Exploit naveed
[ GLSA 200606-23 ] KDM: Symlink vulnerability Sune Kloppenborg Jeppesen
Re: Bypassing of web filters by using ASCII Amit Klein (AKsecurity)

Friday, 23 June

flock d0s exploit remote. beta 1 (v0.7) co296
[SECURITY] [DSA 1101-1] New courier packages fix denial of service Martin Schulze
Re: MS Excel Remote Code Execution POC Exploit Steven M. Christey
vlbook 1.2 XSS Bug omnipresent
[SNS Advisory No.88] Webmin Directory Traversal Vulnerability snsadv () lac co jp
QaTraq 6.5 RC: Multiple XSS Vulnerabilities enji
[KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables addmimistrator
[security bulletin] HPSBUX02127 SSRT051056 - rev.1 HP-UX Kernel Local Denial of Service (DoS) security-alert
RE: Bypassing of web filters by using ASCII James C. Slora Jr.
TSLSA-2006-0037 - multi Trustix Security Advisor
aeDating 4.1 XSS securityconnection
Trend Micro Control Manager (TMCM) Persistent XSS Vulnerability Darren Bounds
Dating Agent PRO 4.7.1 Vulnerability securityconnection
Cisco Secure ACS Weak Session Management Vulnerability Darren Bounds
Re: Bypassing of web filters by using ASCII Amit Klein (AKsecurity)
Re: Re: PHP security (or the lack thereof) nabiy
[ GLSA 200606-24 ] wv2: Integer overflow Stefan Cornelius
DREAMACCOUNT V3.1 Remote Command Execution Exploit KARKOR23
[Kil13r-SA-20060622-1] NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability mac68k
Linux VNC evil client patch - BID 17978 embyte
rPSA-2006-0110-1 kernel Justin M. Forbes
Re: Digital Armaments July-August Hacking Challange: Microsoft Alexander Sotirov
productcart soltan_defacer soltan_defacer
Dating biz@ dating script v1.0 - XSS luny
WBB<<---v1.2 "showmods.php" SQL Injection CrAzY . CrAcKeR
[KAPDA]MyBB1.1.3~Option update for code buttons~Sql Injection Admin Access addmimistrator
Re: Opera 9 DoS PoC Darren Clarke
Re: PHP security (or the lack thereof) Crispin Cowan
Calendar ( Provided by Codewalkers ) - SQL Injection Silitix
Re: PHP security (or the lack thereof) john mullee
[ECHO_ADV_34$2006] W-Agora (Web-Agora) <= 4.2.0 (inc_dir) Remote File Inclusion the_day
WBB<<---v2.3.1"report.php" SQL Injection CrAzY . CrAcKeR
SYMSA-2006-005 research
phpBlueDragon CMS 2.9.1 multiple remote file inclusion vuln rozowa . landrynka
Re: Bypassing of web filters by using ASCII Thor (Hammer of God)
[Kil13r-SA-20060622-2] Namo DeepSearch 4.5 Cross-Site Scripting Vulnerability mac68k
Re: Sendmail MIME DoS vulnerability Gadi Evron
Re: PHP security (or the lack thereof) Geo.
Re: Opera 9 DoS PoC Bruno Lustosa

Saturday, 24 June

WBB<<---v2.0 RC2 "newthread.php" SQL Injection CrAzY . CrAcKeR
Re: Re: MS Excel Remote Code Execution POC Exploit Juha-Matti Laurio
Softbiz Dating 1.0 SQL injection securityconnection
Re: Cisco Secure ACS Weak Session Management Vulnerability Clayton Kossmeyer

Monday, 26 June

Re: PHP security (or the lack thereof) Ronald Chmara
ERNW Security Advisory 01/2006 mozilla
[Kurdish Security # 9] MyMail Directory Traversal And XSS Attacking Vulnerability botan
Re: Opera 9 DoS PoC Laurent
RE: PHP security (or the lack thereof) Geo.
Claroline Cross-Site Scripting Vulnerabilities bug () securitynews ir
DeluxeBB 1.07 Create admin Exploit Hessamx
Planetnews Authecnication Admin ByPass alp_eren
[SECURITY] [DSA 1102-1] New pinball packages fix privilege escalation Steve Kemp
[USN-304-1] gnupg vulnerability Martin Pitt
Re: Bypassing of web filters by using ASCII Vincent Archer
XSS in Cpanel 10 preth00nker
[ GLSA 200606-25 ] Hashcash: Possible heap overflow Thierry Carrez
[ GLSA 200606-26 ] EnergyMech: Denial of Service Thierry Carrez
RE: Bypassing of web filters by using ASCII James C. Slora Jr.
Re: PHP security (or the lack thereof) Paul Schmehl
Re: PHP security (or the lack thereof) Matthias Kestenholz
Re: PHP security (or the lack thereof) Mrten
Re: vBulletin<<--v3.5.X "member.php" Cross Site Scripting scott
Re: flock d0s exploit remote. beta 1 (v0.7) Chris Rothecker
[ MDKSA-2006:111 ] - Updated MySQL packages fixes authorized user DoS(crash) vulnerability. security
Re: Bypassing of web filters by using ASCII David Huecking
[KAPDA]MyBB1.1.3~Option update for code buttons~Sql Injection Admin Access addmimistrator
Re: MS Excel Remote Code Execution POC Exploit naveed
Re: Linux VNC evil client patch - BID 17978 embyte
RE: Bypassing of web filters by using ASCII Amit Klein (AKsecurity)
GlobeTrotter Mobility Manager - security issue dzelek
Mailenable SMTP Service DoS db0
RE: Bypassing of web filters by using ASCII RSnake
Re: PHP security (or the lack thereof) Daniel Hulme
Undisclosed cross site scripting vulnerabilities in domaintools.com - requesting contacts admin
Re: Opera 9 DoS PoC Bastian Ahrens
Re: Opera 9 DoS PoC Eric Furman
Amazon and Msn vulnerabilities dcrab
OpenGuestbook Cross Site Scripting & SQL Injection simo64
[OpenPKG-SA-2006.010] OpenPKG Security Advisory (gnupg) OpenPKG
Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities Gadi Evron
Re: PHP security (or the lack thereof) Darren Reed
Universal Hooker - Tool release Hernan Ochoa
Re: PHP security (or the lack thereof) Tobias J. Kreidl
Taking Over Laptops by Fuzzing Wireless Drivers Gadi Evron
Re: Bypassing of web filters by using ASCII Balazs Attila-Mihaly (Cd-MaN)

Tuesday, 27 June

Re: Bypassing of web filters by using ASCII Hubert Seiwert
Re: PHP security (or the lack thereof) Glynn Clements
Winged Gallery v1.0 luny
Re: Sendmail MIME DoS vulnerability Claus Assmann
error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2 cxib
Jaws <= 0.6.2 'Search gadget' SQL injection rgod
Windows Live Messenger 8.0 ( Contact List *.ctt ) Heap Overflow Alexander Hristov
Usenet Script v0.5 luny
[USN-306-1] MySQL 4.1 vulnerability Martin Pitt
[USN-305-1] OpenLDAP vulnerability Martin Pitt
[SECURITY] [DSA 1103-1] New Linux kernel 2.6.8 packages fix several vulnerabilities Moritz Muehlenhoff
Re: [ECHO_ADV_34$2006] W-Agora (Web-Agora) <= 4.2.0 (inc_dir) Remote File Inclusion Steven M. Christey
CrisoftRicette<<--1.0pre15b Remote File Inclusion CrAzY . CrAcKeR
SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service research
phpvillage "funshow.php" SQL Injection CrAzY . CrAcKeR
[Kurdish Security # 11] SiteBar Cross-Site Scripting botan
Re: [MajorSecurity #18] Ralf Image Gallery <=0.7.4 - Multiple XSS, Remote File Include and directory traversal vulnerabilities Marc MERLIN
Re: XSS in Cpanel 10 bug
Re: Re: PHP security (or the lack thereof) nabiy
Re: PHP security (or the lack thereof) Ronald Chmara
Re: Is Windows TCP/IP source routing PoC code available? 3APA3A
RE: PHP security (or the lack thereof) Geo.
SUSE Security Announcement: freetype2 (SUSE-SA:2006:037) Thomas Biege
[Kurdish Security # 10 ] MF Piadas 1.0 Remote File Include Vulnerability botan
CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability Williams, James K
Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...) Luigi Auriemma
[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability mac68k

Wednesday, 28 June

smartsite cms v1.0 Remote File include KARKOR23
Layered Defense Advisory: Format String Vuln in CA eTrust dh
[KAPDA]MyBB 1.1.4~function_post.php~XSS Attack In URL tag addmimistrator
vCard PRO SQL Injection CrAzY . CrAcKeR
[ MDKSA-2006:112 ] - Updated gd packages fix DoS vulnerability. security
[ MDKSA-2006:114 ] - Updated libwmf packages fixes embedded GD vulnerability security
Re: Calendar ( Provided by Codewalkers ) - SQL Injection krustevs
PHP-Nuke Module's Name Sections<<--V3 SQL Injection CrAzY . CrAcKeR
Secunia Research: DeluxeBB SQL Injection and File Inclusion Vulnerabilities Secunia Research
BLOG:CMS <= 4.0.0k sql injection rgod
[USN-307-1] mutt vulnerability Martin Pitt
[ GLSA 200606-27 ] Mutt: Buffer overflow Sune Kloppenborg Jeppesen
AzDGDatingPlatinum<<--v1.1.0 "view.php" SQL Injection CrAzY . CrAcKeR
SyScan'06 Highlight - Is Phone Banking Safe? thomas48
Re[2]: Is Windows TCP/IP source routing PoC code available? Минаев_Андрей
MKPortal 1.0.1 Final ($ind) File Include Vulnerability (perl) stormhacker
PHP iCalendar Cross Site Scripting botan
Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System Cisco Systems Product Security Incident Response Team
Microsoft's Real Test with Vista is Vulnerabilities Gadi Evron
[OpenPKG-SA-2006.011] OpenPKG Security Advisory (png) OpenPKG
RE: PHP security (or the lack thereof) Geo.
Re: [MajorSecurity #18] Ralf Image Gallery <=0.7.4 - Multiple XSS, Remote File Include and directory traversal vulnerabilities Ralf
Re: [funsec] Microsoft's Real Test with Vista is Vulnerabilities thomas48
Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability Cisco Systems Product Security Incident Response Team
RE: [funsec] Microsoft's Real Test with Vista is Vulnerabilities Larry Seltzer
[ MDKSA-2006:113 ] - Updated tetex packages fix embedded GD vulnerabilities security
Re: PHP security (or the lack thereof) Tonnerre Lombard
Secunia Research: Opera SSL Certificate "Stealing" Weakness Secunia Research
Presentation: AT&T ISNN - "Case Studies in Finding Previously Unknown Vulnerabilities in Web Applications." Kenneth F. Belva
Re: PHP security (or the lack thereof) Darren Reed
PHPClassifieds General luny
Re: Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...) Luigi Auriemma
[KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html addmimistrator

Thursday, 29 June

DMA[2006-0628a] - 'Apple OSX launchd unformatted syslog() vulnerability' K F (lists)
[ GLSA 200606-29 ] Tikiwiki: SQL injection and multiple XSS vulnerabilities Sune Kloppenborg Jeppesen
CSRF in Nuked Klan 1.7 SP4.2 blwood
[ MDKSA-2006:115 ] - Updated mutt packages fix buffer overflow vulnerability security
Softbiz Banner Exchange 1.0 XSS securityconnection
Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities Secunia Research
[ GLSA 200606-28 ] Horde Web Application Framework: XSS vulnerability Sune Kloppenborg Jeppesen
Digital Armaments Security Advisory 29.06.2006: Siemens Speedstream Wireless Router Password Protection Bypass Vulnerability info
rPSA-2006-0116-1 mutt Justin M. Forbes
Novell Security contact address change Roman Drahtmueller
Multiple Vulnerabilities in PatchLink Update Server 6 Chris Steipp
Novell Security Announcement NOVELL-SA:2006:001 Jim Short
[security bulletin] HPSBTU02125 SSRT061105 rev.1 - HP Tru64 UNIX Running Perl 5.8.2 and earlier, Local Unauthorized Code Execution security-alert
[security bulletin] HPSBUX02122 SSRT061158 rev.2 - HP-UX Mozilla Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[ MDKSA-2006:114 ] - Updated libwmf packages fixes embedded GD vulnerability security
Msie 7.0 beta Crash Mr . Niega
rPSA-2006-0120-1 gnupg Justin M. Forbes

Friday, 30 June

Browser bugs hit IE, Firefox today (SANS) Bill Stout
Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS) Juha-Matti Laurio
ezWaiter v3.0 - XSS luny
[SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities Martin Schulze
libwmf integer/heap overflow sean
[ GLSA 200606-30 ] Kiax: Arbitrary code execution Sune Kloppenborg Jeppesen
Zen-Cart 1.3.0.2 Full Path Disclosure o . y . 6
[Kil13r-SA-20060701-1] Ahnlab Search Cross-Site Scripting Vulnerability mac68k
[Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability mac68k
[Kil13r-SA-20060701-3] Massting Cross-Site Scripting Vulnerability mac68k
ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox] Juha-Matti Laurio
ZDI-06-020: Apple iTunes AAC File Parsing Integer Overflow Vulnerability zdi-disclosures
FreeHost "misc.php & news.php" SQL Injection CrAzY . CrAcKeR
MyNewsGroups<<--v. 0.6 "tree.php" SQL Injection CrAzY . CrAcKeR
CDJ<<--V NITKID 2.0 "category.php" SQL Injection CrAzY . CrAcKeR
Module's Name "Classifieds" SQL Injection CrAzY . CrAcKeR
My smiles "browse.php" SQL Injection CrAzY . CrAcKeR
Hobbit monitor: Security issue with Hobbit 4.2-beta client Henrik Stoerner