Bugtraq: by date

460 messages starting Feb 01 08 and ending Feb 29 08


Friday, 01 February

[ MDVSA-2008:030 ] - Updated pcre packages fix vulnerability security
LiveCart XSS vulnerability fixed since version 1.1.0 info
[ MDVSA-2008:031 ] - security
LightBlog Remote File Upload Vulnerability omnipresent
SQL in Archimede Net 2000 "E-Guest_show.php" Sw33t . h4cK3r

Saturday, 02 February

Titan FTP Server Remote Heap Overflow (USER/PASS) securfrog
Youtube Clone Xross Site Scripting (load_message.php) ciucciamilcalzino
Sun JRE / JDK bug introduces XXE possibilities Chris Evans
The Everything Development System - SQL Injection sub
Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities nbbn
[ MDVSA-2008:032 ] - Updated boost packages fix DoS vulnerabilities security
Domain Trader v2.0 Xss Vulnerable cybermilitan
ITech Classifieds Multiple Remote Vulnerabilities cybermilitan
phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass theredc0ders
[ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability security
Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites nbbn
IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow securfrog

Monday, 04 February

[security bulletin] HPSBUX02308 SSRT080010 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code security-alert
Anon Proxy Server <= 0.102 remote buffer overflow L4teral
[DSECRG-08-009] xoops 2.0.18 Local File Include Digital Security Research Group
[DSECRG-08-010] VHD Web Pack 2.0 Local File Include Digital Security Research Group
[OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed Matteo Beccati
[DSECRG-08-011] Astrosoft HelpDesk Multiple XSS Digital Security Research Group
[DSECRG-08-008] Textpattern 4.0.5 Multiple Security Vulnerabilities Digital Security Research Group
CORE-2008-0122: MPlayer arbitrary pointer dereference CORE Security Technologies Advisories
CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability CORE Security Technologies Advisories
Socket termination in FTP Log Server 7.9.14.0 Luigi Auriemma
Multiple vulnerabilities in SAPlpd 6.28 Luigi Auriemma
Multiple vulnerabilities in WinCom LPD Total 3.0.2.623 Luigi Auriemma
iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability iDefense Labs
iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability iDefense Labs

Tuesday, 05 February

[USN-575-1] Apache vulnerabilities Jamie Strandboge
Re: Re: PIX Privilege Escalation Vulnerability rvandenbrink
NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U) Securfrog
Re: Multiple vulnerabilities in SAPlpd 6.28 robert . ingruber
[ MDVSA-2008:034 ] - Updated emacs packages fix vulnerabilities security
[security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS) security-alert
Re: PR07-38: XSS on sIFR hk
[SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service Moritz Muehlenhoff
[DSECRG-08-012] Multiple LFI in Azucar CMS 1.3 Digital Security Research Group [DSecRG]
[SECURITY] [DSA 1486-1] New gnatsweb packages fix cross-site scripting Steve Kemp
[SECURITY] [DSA 1480-1] New poppler packages fix several vulnerabilities Moritz Muehlenhoff
CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop CYBSEC Advisories
dBpowerAMP Audio Player Release 2 Remote Buffer Overflow Securfrog
rPSA-2008-0040-1 mysql mysql-bench mysql-server rPath Update Announcements
Apple iPhone 1.1.3 remote DoS exploit morin . josh
[ MDVSA-2008:035 ] - Updated libcdio packages fix DoS vulnerability security

Wednesday, 06 February

[security bulletin] HPSBST02302 SSRT071474 rev.1 - HP Storage Essentials SRM, Remote Unauthorized Access security-alert
[security bulletin] HPSBGN02310 SSRT080007 rev.1 - HP Virtual Rooms Running on Windows, Remote Execution of Arbitrary Code security-alert
A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" Amit Klein
Tested on Webmin 1.390 no-reply
[SECURITY] [DSA 1482-1] New squid packages fix denial of service Moritz Muehlenhoff
Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" Tim Newsham
rPSA-2008-0043-1 icu rPath Update Announcements
Re: Tested on Webmin 1.390 ivangaravito
rPSA-2008-0046-1 gd rPath Update Announcements
Logs visualization in WS_FTP Server Manager 6.1.0.0 Luigi Auriemma
[ MDVSA-2008:036 ] - Updated CUPS packages fix SNMP vulnerability security
iDefense Security Advisory 02.04.08: Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability iDefense Labs
[SECURITY] [DSA 1483-1] New net-snmp packages fix denial of service vulnerability Noah Meyerhans
Chat vulnerabilities in TinTin++ 1.97.9 Luigi Auriemma
ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability zdi-disclosures
[ GLSA 200802-02 ] Doomsday: Multiple vulnerabilities Pierre-Yves Rofes
RE: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" Amit Klein
[ GLSA 200802-01 ] SDL_image: Two buffer overflow vulnerabilities Raphael Marichez

Thursday, 07 February

[security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access security-alert
mini-pub 0.3 multiple vulnerabilities muuratsalo experimental hack lab
Re: Logs visualization in WS_FTP Server Manager 6.1.0.0 Steve Shockley
[DSECRG-08-013] Modx 0.9.6.1, 0.9.6.1p1 Multiple Security Vulnerabilities Digital Security Research Group [DSecRG]
Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability Michael Neal Vasquez
[ MDVSA-2008:037 ] - Updated libcdio packages fix DoS vulnerability security
Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1 Luigi Auriemma
iDefense Security Advisory 02.07.08: IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability iDefense Labs

Friday, 08 February

iDefense Security Advisory 02.07.08: IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability iDefense Labs
[ MDVSA-2008:041 ] - Updated tk packages fix buffer overflow vulnerability security
[USN-576-1] Firefox vulnerabilities Jamie Strandboge
[ MDVSA-2008:040 ] - Updated SDL_image packages fix vulnerabilities security
Web Hacking Incidenets Database 2007 annual Report is out Ofer Shezaf
[ MDVSA-2008:042 ] - Updated Qt4 packages fix vulnerability in QSslSocket security
Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability cocoruder
[DSECRG-08-014] Multiple LFI in PowerNews (Newsscript) 2.5.6 Digital Security Research Group [DSecRG]
Husrev Forums v2.0.1:PoWerBoard (tr) (id) Remote SQL Injection crazy_kinq
Blackboard (id) Remote SQL Injection crazy_kinq
[ MDVSA-2008:038 ] - Updated gd packages fix buffer overflow vulnerability security
Joovili <= v.2.1 (members_help.php) Remote File İnclude Vulnerability crazy_kinq
Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit alex_zooz_zooz
ASUS Eee PC rooted out of the box RISE Security
[ MDVSA-2008:039 ] - Updated netpbm packages fix buffer overflow vulnerability security
Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging) david130490
[SECURITY] [DSA 1487-1] New libexif packages fix several vulnerabilities Moritz Muehlenhoff
Re: Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging) david130490
jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow laurent . gaffie
rPSA-2008-0048-1 kernel rPath Update Announcements
Re: RE: ASUS Eee PC rooted out of the box RISE Security
RE: ASUS Eee PC rooted out of the box Bug traq
NULL byte writing in Emerald, RadiusNT/X and Air Marshal Luigi Auriemma
SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability Brook Powers
CVE-2008-0002: Tomcat information disclosure vulnerability Mark Thomas

Saturday, 09 February

[SECURITY] CVE-2007-5333: Tomcat Cookie handling vulnerabilities Mark Thomas
[SECURITY] CVE-2007-6286: Tomcat duplicate request processing vulnerability Mark Thomas
[SECURITY] [DSA 1488-1] New phpbb2 packages fix several vulnerabilities Thijs Kinkhorst
rPSA-2008-0051-1 firefox rPath Update Announcements
Some interesting hashes Open Phugu
iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability iDefense Labs
iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libary Path Vulnerability iDefense Labs
iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities iDefense Labs
PKs Movie Database version 3.0.3 (SQL/XSS) houssamix

Monday, 11 February

F5 BIG-IP Web Management Console CSRF nnposter
F5 BIG-IP Web Management Console CSRF (with example) nnposter
Vwar 1.5.0 p_s3rver
Default Multiple Joomla! Component com_rapidrecipe "user_id=" Remote SQL Inj. staad1
پيش گزيده Website Design Chat Software Remote Cross-Site Scripting no-reply
hi f10
Final CFP: EuroSec Workshop (March 31st, 2008) Stefano Zanero
[SECURITY] [DSA 1485-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1489-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1492-1] New wml packages fix denial of service Moritz Muehlenhoff
[SECURITY] [DSA 1491-1] New tk8.4 packages fix arbitrary code execution Moritz Muehlenhoff
[SECURITY] [DSA 1490-1] New tk8.3 packages fix arbitrary code execution Moritz Muehlenhoff
[SECURITY] [DSA 1493-1] New sdl-image1.2 packages fix arbitrary code execution Moritz Muehlenhoff
Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS enterth3dragon
Mercury v1.1.5 Send Message Cross-Site Scripting No-reply
aliboard Beta Upload Shell From ControlPanel رومانسي هكر
[SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation Florian Weimer
ExtraOutlook 1.2 Released Thor (Hammer of God)
Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15 Luigi Auriemma
Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 Luigi Auriemma
Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x Luigi Auriemma
Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105 Luigi Auriemma

Tuesday, 12 February

[ GLSA 200802-03 ] Horde IMP: Security bypass Pierre-Yves Rofes
IOActive Security Advisory: Legacy mod_jk2 Buffer Overflow IOActive Advisories
FLEA-2008-0003-1 nss_ldap Foresight Linux Essential Announcement Service
[ GLSA 200802-04 ] Gallery: Multiple vulnerabilities Pierre-Yves Rofes
FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts Foresight Linux Essential Announcement Service
my little forum XSS db
joomla (k12.tr)(com_iomezun)SQL Injection hackturkiye . hackturkiye
FLEA-2008-0002-1 python Foresight Linux Essential Announcement Service
Kommentare zum Download script SQL Injection hackturkiye . hackturkiye
FLEA-2008-0004-1 rsync Foresight Linux Essential Announcement Service
CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference Wojciech Purczynski
joomll(k12.tr)(com_mezun)SQL Injection hackturkiye . hackturkiye
[ MDVSA-2008:043 ] - Updated kernel packages fix multiple vulnerabilities and bugs security
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 jfvanmeter
FLEA-2008-0005-1 e2fsprogs Foresight Linux Essential Announcement Service
FLEA-2008-0001-1 firefox Foresight Linux Essential Announcement Service
ZDI-08-004: Adobe AcrobatReader Javascript for PDF Integer Overflow Vulnerability zdi-disclosures
IOActive Security Advisory: Multiple Remote SiteScope Vulnerabilities IOActive Advisories
ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability zdi-disclosures
[ MDVSA-2008:044 ] - Updated kernel packages fix multiple vulnerabilities and bugs security
artmedic weblog multiple xss vulnerabilities muuratsalo experimental hack lab
gkrellweather forensec
rPSA-2008-0052-1 kernel rPath Update Announcements
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 Luigi Auriemma
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 jfvanmeter
Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11 Luigi Auriemma
iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability iDefense Labs
FLEA-2008-0007-1 gd Foresight Linux Essential Announcement Service
cacti -- Multiple security vulnerabilities have been discovered Mario Sergio Candian
LI-countdown SQL Injection Vulnerability sex
Cacti 0.8.7a Multiple Vulnerabilities s4tan
Directory traversal and DoS in WinIPDS G52-33-021 Luigi Auriemma
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 Luigi Auriemma
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 jfvanmeter
Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 Luigi Auriemma
[ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code Pierre-Yves Rofes
[ GLSA 200802-06 ] scponly: Multiple vulnerabilities Pierre-Yves Rofes
[SECURITY] [DSA 1495-1] New nagios-plugins packages fix several vulnerabilities Moritz Muehlenhoff

Wednesday, 13 February

iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Heap Overflow Vulnerability iDefense Labs
iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability iDefense Labs
QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow laurent . gaffie
[SECURITY] [DSA 1496-1] New mplayer packages fix arbitrary code execution Moritz Muehlenhoff
iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability iDefense Labs
Thanks to all, ExploitSearch in Top5 security must-have Security Basic
iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities iDefense Labs
SyScan'08 Call for Paper/Training organiser () syscan org
ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability zdi-disclosures
[SECURITY] [DSA 1494-2] New linux-2.6 packages fix privilege escalation dann frazier
iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Memory Corruption Vulnerability iDefense Labs
Re: XSS on Obedit v3.03 richard
Vwar New Bug p_s3rver
[Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient Reversemode
rPSA-2008-0054-1 tk rPath Update Announcements
Netkom Internet Solutions (folder_id) Remote SQL Injection Vulnerability crazy_kinq
[security bulletin] HPSBUX02249 SSRT071442 rev.3 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change security-alert
rPSA-2008-0061-1 SDL_image rPath Update Announcements
[security bulletin] HPSBMA02274 SSRT071445 rev.3 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS) security-alert
[security bulletin] HPSBUX02313 SSRT080015 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code security-alert
Provided By Development Solutions SQL Injection Exploit(panel) hackturkiye . hackturkiye
ALL VERSİON PHPAUTOVİDEO c99 shell hackturkiye . hackturkiye
all forums.asp hack hackturkiye . hackturkiye
joomla upload php code or picture (com_uhp) hackturkiye . hackturkiye
joomla "com_model" hackturkiye . hackturkiye
joomla "com_omnirealestate" S@L Injection hackturkiye . hackturkiye
Cisco Security Advisory: SQL injection in Cisco Unified Communications Manager Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
rPSA-2008-0063-1 boost rPath Update Announcements

Thursday, 14 February

Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin) Krzysztof Burghardt
JSPWiki Multiple Vulnerabilities Trancer
ELFdump crash when analyzing crafted ELF file. david . reguera
[DSECRG-08-011 | FIX INFORMATION] Astrosoft HelpDesk Multiple XSS Digital Security Research Group [DSecRG]
artmedic weblog multiple local file inclusion vulnerabilities muuratsalo experimental hack lab
Re: Vwar New Bug packet
[ GLSA 200802-07 ] Pulseaudio: Privilege escalation Pierre-Yves Rofes
etomite xss th3 . r00k . nospam
Apache web server 2.2: htpasswd predictable salt weakness Peter Watkins
[USN-578-1] Linux kernel vulnerabilities Jamie Strandboge
Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php Hendrik Jan Verheij
Philips VOIP841 Multiple Vulnerabilities luca . carettoni
FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec FreeBSD Security Advisories
Rosoft Media Player 4.1.8 Buffer Overflow ( .M3U) securfrog
DOINGSOFT-2008-02-11 - IPDiva VPN SSL Brute force attack eagle
PlutoStatus Locator v1.0pre (alpha) local file inclusion vulnerability muuratsalo experimental hack lab
Re: UniversalFtp Server 1.0.44 Multiple Remote Denial of service securfrog
DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks eagle
scribe 0.2 local file inclusion vulnerability muuratsalo experimental hack lab
UniversalFtp Server 1.0.44 Multiple Remote Denial of service securfrog

Friday, 15 February

StatCounteX 3.0 & 3.1 Admin Vulnerability Sekomirza
Re: Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php manuel . no_spam . bruneau
Re: DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks rose-of-a
Re: Philips VOIP841 Multiple Vulnerabilities mattyg
[INFIGO-2008-02-13]: SOPHOS Email Security Appliance Cross Site Scripting Vulnerability infocus
Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability cmiyazaki
Sami FTP Server 2.0.* Multiple Remote Vulnerabilities securfrog
SellOwnHouse login SQL Injection hackturkiye . hackturkiye
Simple Forum Version 1.10-1.11 SQL Injection hackturkiye . hackturkiye
Re: Apache web server 2.2: htpasswd predictable salt weakness 3APA3A
[ MDVSA-2008:045 ] - Updated MPlayer packages fix a few vulnerabilities security
artmedic_weblog Cross Site Scriptting Vulnerbility hadihadi_zedehal_2006
engineering Neoteric UK LTD S@L İNJECTİON hackturkiye . hackturkiye
joomla "com_smslist" sql injecton hackturkiye . hackturkiye
Ecommerce Websites from b1st.com SQL Injection hackturkiye . hackturkiye
Re: [Full-disclosure] rPSA-2008-0052-1 kernel Tonnerre Lombard
[ GLSA 200802-08 ] Boost: Denial of Service Raphael Marichez
joomla com_activities sql injection hackturkiye . hackturkiye
joomla faq SQL Injection hackturkiye . hackturkiye
all version Wordpress FORUM S@L injection hackturkiye . hackturkiye
Re: Apache web server 2.2: htpasswd predictable salt weakness Peter Watkins
Re: ACER Travelmate 600 and 800 series - Smartcard flawed Implementation linke_z
Simple Forum Version 1.7-1.9(pagename) hackturkiye . hackturkiye
rPSA-2008-0056-1 mailman rPath Update Announcements
Re: rPSA-2008-0052-1 kernel gregory
rPSA-2008-0059-1 openldap openldap-clients openldap-servers rPath Update Announcements
[ MDVSA-2008:046 ] - Updated xine-lib package fixes arbitrary code execution vulnerability security
Re: artmedic_weblog Cross Site Scriptting Vulnerbility jyvaeskylae

Saturday, 16 February

[HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service Gynvael Coldwind
Re[2]: Apache web server 2.2: htpasswd predictable salt weakness 3APA3A
joomla SQL Injection(com_salesrep) hackturkiye . hackturkiye
joomla SQL Injection( com_scheduling) hackturkiye . hackturkiye
banpro-dms 1.0 local file inclusion vulnerability muuratsalo experimental hack lab
joomla SQL Injection(com_lexikon) hackturkiye . hackturkiye
joomla SQL Injection(com_filebase) hackturkiye . hackturkiye
joomla SQL Injection(com_emcompose) hackturkiye . hackturkiye
joomla SQL Injection(com_sg) hackturkiye . hackturkiye
[SECURITY] [DSA 1497-1] New clamav packages fix several vulnerabilities Moritz Muehlenhoff

Monday, 18 February

joomla SQL Injection(com_profile) hackturkiye . hackturkiye
WordPress forumaction (PAGE_id)(user)SQL Injection hackturkiye . hackturkiye
Wordpress Plugin (wp-content/recipe) SQL Injection hackturkiye . hackturkiye
joomla SQL Injection(com_detail) hackturkiye . hackturkiye
lightblog 9.6 local file inclusion vulnerability muuratsalo experimental hack lab
joomla SQL Injection(com_filebase) hackturkiye . hackturkiye
joomla SQL Injection(com_galeria) hackturkiye . hackturkiye
Crafty Syntax Xss Vulnerability Ozgur Ozdemircili
RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilties nbbn
Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit sys-project
WordPress SQL Injection(wp-content-simple-forum) hackturkiye . hackturkiye
Wordpress Plugin (wp-people) SQL Injection hackturkiye . hackturkiye
joomla SQL Injection(com_jooget) hackturkiye . hackturkiye
WordPress album PHOTO SQL Injection hackturkiye . hackturkiye
RUXCON 2008 CALL FOR PAPERS cfp
joomla SQL Injection (cat)(com_downloads) hackturkiye . hackturkiye
joomla SQL Injection(com_ricette) hackturkiye . hackturkiye
ATutor <= 1.5.5 Cross Site Scripting L4teral
ProjectPier <= 0.80 Cross Site Scripting and Request Forgery L4teral
(tip=sollinkicerik)SQL Injection Vulnerability hackturkiye . hackturkiye
[SECURITY] [DSA 1495-2] New nagios-plugins packages fix regression Moritz Muehlenhoff
Re: etomite xss ralph
Re: etomite xss dean

Tuesday, 19 February

[DSECRG-08-015] Multiple Security Vulnerabilities in Dokeos 1.8.4 Digital Security Research Group
XOOPS Module section SQL Injection(articleid) hackturkiye . hackturkiye
joomla SQL Injection(com_iigcatalog) hackturkiye . hackturkiye
joomla SQL Injection(com_formtool) hackturkiye . hackturkiye
SmarterMail Enterprise 4.3 - malformed mail XSS jplopezy
joomla SQL Injection(com_team hackturkiye . hackturkiye
joomla SQL Injection(com_detail) hackturkiye . hackturkiye
joomla SQL Injection(com_geoboerse) hackturkiye . hackturkiye
XOOPS Module wflinks SQL Injection(cid) hackturkiye . hackturkiye
XOOPS Module myTopics-print SQL Injection(articleid) hackturkiye . hackturkiye
joomla SQL Injection(com_facileforms) hackturkiye . hackturkiye
PR08-01: Several XSS, a cross-domain redirect and a webroot disclosure on Spyce - Python Server Pages (PSP) ProCheckUp Research
joomla SQL Injection(com_listoffreeads) hackturkiye . hackturkiye
[DSECRG-08-016] Jinzora 2.7.5 Multiple XSS Digital Security Research Group
joomla SQL Injection(com_genealogy) hackturkiye . hackturkiye
SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities research
WoltLab Burning Board 3.0.3 PL1 SQL-Injection Vulnerability nbbn
PR06-12: XSS on BEA Plumtree Foundation and AquaLogic Interaction portals ProCheckUp Research
joomla SQL Injection(com_foevpartners) hackturkiye . hackturkiye
XOOPS Module vacatures SQL Injection hackturkiye . hackturkiye
XOOPS Module events SQL Injection hackturkiye . hackturkiye
XOOPS Module badliege SQL Injection hackturkiye . hackturkiye
XOOPS Module seminars SQL Injection hackturkiye . hackturkiye
joomla SQL Injection(com_magazine) hackturkiye . hackturkiye
[SECURITY] [DSA 1498-1] New libimager-perl packages fix arbitrary code execution Steve Kemp
Re: CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference si0uxsecurity
XOOPS Module classifieds SQL Injection(cid) hackturkiye . hackturkiye
XOOPS Module eEmpregos SQL Injection(cid) hackturkiye . hackturkiye
XOOPS Module wflinks SQL Injection(cid) hackturkiye . hackturkiye
PHP-Nuke Module Web_Links SQL Injection(cid) hackturkiye . hackturkiye
[ MDVSA-2007:047 ] - Updated Thunderbird packages fix multiple vulnerabilities security
NULL pointer crash in freeSSHd 1.20 Luigi Auriemma
Multiple buffer-overflow in NowSMS v2007.06.27 Luigi Auriemma
Two heap overflow in Foxit WAC Server 2.0 Build 3503 Luigi Auriemma
Access violation and limited informations disclosure in webcamXP 3.72.440.0 Luigi Auriemma
[SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution Florian Weimer

Wednesday, 20 February

[security bulletin] HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code security-alert
Web Hacking Incidents Database Update for Feb 20th Ofer Shezaf
Xoops-2.0.16 Remote File Inclusion f10
Re: XOOPS Module wflinks SQL Injection(cid) packet
Advisory SE-2008-01: PunBB Blind Password Recovery Vulnerability Stefan Esser
iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities iDefense Labs
Heap overflow in Sybase MobiLink 10.0.1.3629 Luigi Auriemma

Thursday, 21 February

ZDI-08-007: Symantec VERITAS Storage Foundation Administrator Service Heap Overflow Vulnerability zdi-disclosures
[USN-579-1] Qt vulnerability Jamie Strandboge
[security bulletin] HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-003 to MS08-013 security-alert
[ MDVSA-2008:046-1 ] - Updated xine-lib package fixes arbitrary code execution vulnerability security
aeries browser interface(ABI) 3.8.2.8 XSS admin
joomla SQL Injection(com_asortyment)katid hackturkiye . hackturkiye
aeries browser interface(ABI) 3.7.2.2 Remote SQL Injection admin
ZyXEL Gateways Vulnerability Research: http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf ProCheckUp Research
iDefense Security Advisory 02.20.08: Symantec Veritas Storage Foundation Scheduler Service DoS Vulnerability iDefense Labs
PHP-Nuke Module Classifieds SQL Injection(Details) hackturkiye . hackturkiye
[USN-580-1] libcdio vulnerability Jamie Strandboge
Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities iDefense Labs
joomla SQL Injection(com_referenzen) hackturkiye . hackturkiye
CFP: Workshop on Open Source Software for Computer and Network Forensics Stefano Zanero
joomla SQL Injection(com_joomlavvz) hackturkiye . hackturkiye
PHP-Nuke Module BenchmarkNewsInjection(sid) hackturkiye . hackturkiye
joomla SQL Injection(com_idvnews) hackturkiye . hackturkiye
XOOPS Module tinyevent-print SQL Injection(id) hackturkiye . hackturkiye
PHP-Nuke Siir SQL Injection(id) hackturkiye . hackturkiye
SQL-injection, XSS in OSSIM (Open Source Security Information Management) marcin . kopec
Announce: RFIDIOt credit card sub-module: ChAP.py Adam Laurie
PHP-Nuke Module Dossiers Injection(did) hackturkiye . hackturkiye
PHP-Nuke genaral print SQL Injection(id) hackturkiye . hackturkiye
PHP-Nuke Module Downloads SQL Injection(sid) hackturkiye . hackturkiye
joomla SQL Injection(com_mygallery) hackturkiye . hackturkiye
joomla SQL Injection(com_most)secid hackturkiye . hackturkiye
VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates VMware Security team
aeries browser interface(ABI) 3.8.2.8 Remote SQL Injection admin
XOOPS Module prayerlist SQL Injection(cid) hackturkiye . hackturkiye
joomla SQL Injection(com_asortyment)katid hackturkiye . hackturkiye
joomla SQL Injection(com_cms) hackturkiye . hackturkiye
[SECURITY] [DSA 1500-1] New splitvt packages fix privilege escalation Steve Kemp
Academic Computer Security Conference Jon R. Kibler
[SECURITY] [DSA 1501-1] New dspam packages fix information disclosure Thijs Kinkhorst

Friday, 22 February

[ GLSA 200802-09 ] ClamAV: Multiple vulnerabilities Pierre-Yves Rofes
Cold Boot Attacks on Disk Encryption Jacob Appelbaum
CanSecWest 2008 Mar 26-28 Dragos Ruiu
Certification for Web Application Security Professionals Anurag Agarwal
EDLGraph 1.0 subere
[SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities Noah Meyerhans
[USN-581-1] PCRE vulnerability Kees Cook
IBM Quickr 8 Calendar Xss Injection (Bypass Quickr 8.0 Xss Filter) goldshlager19
Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management) Dominique Karg
Tool release: extract Windows credentials from registry hives Brendan Dolan-Gavitt
[security bulletin] HPSBGN02298 SSRT071502 rev.3 - HP Notebook PC Quick Launch Button (QLB) Software Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access security-alert
[SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues dann frazier
Multiple vulnerabilities in Double-Take 5.0.0.2865 Luigi Auriemma
[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues dann frazier
[SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak dann frazier

Saturday, 23 February

[Aria-Security.Net] BestWebApp Dating System SQL Injection no-reply
joomla com_product SQL Injection(catid) hackturkiye . hackturkiye
joomla com_hello_world SQL Injection(id) hackturkiye . hackturkiye
[ MDVSA-2008:048 ] - Updated Firefox packages fix multiple vulnerabilities security
php nuke Sections SQL Injection(print) hackturkiye . hackturkiye
php-nuke Recipes SQL Injection(recipeid) hackturkiye . hackturkiye
php-nuke Kuran SQL Injection(surano) hackturkiye . hackturkiye
php nuke gallery SQL Injection(aid) hackturkiye . hackturkiye
aura cms lihatberita SQL Injection(id) hackturkiye . hackturkiye
CastleCops Six Years Old Paul Laudanski
php-nuke Quran SQL Injection(surano) hackturkiye . hackturkiye
phpechocms v 2.0 rc3 RFI beenudel1986

Monday, 25 February

[ MDVSA-2008:049 ] - Updated nss_ldap package fixes race condition allowing user data theft security
Joomla com_stat "id" Remote SQL Injection no-reply
joomla com_garyscookbook SQL Injection(id) hackturkiye . hackturkiye
joomla com_wines SQL Injection(id) hackturkiye . hackturkiye
Re: Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management) dcid
joomla com_simpleshop SQL Injection(section) # hackturkiye . hackturkiye
Joomla Com_blog "pid" Remote SQL Injection no-reply
Joomla com_inter "id" Remote SQL Injection no-reply
Softbiz jokes and funny pictures (index.php) sql injection Hamza Almersoumi
Pigyard Art Gallery Multiple SQL Injection No-Reply
[SECURITY] [DSA 1507-1] New turba2 packages fix permission testing Steve Kemp
Alkacon OpenCms tree_files.jsp resource XSS nnposter
S21SEC-040-en: Infinite invalid authentication attempts possible in BEA WebLogic Server S21sec labs
[SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities Moritz Muehlenhoff
Php Nuke "Sell" module SQL Injection ("cid") no-reply
Packeteer Products File Listing XSS nnposter
[ GLSA 200802-10 ] Python: PCRE Integer overflow Robert Buchholz
CORE-2007-0930 Path Traversal vulnerability in VMware's shared folders implementation Core Security Technologies Advisories
Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection No-Reply
Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities nbbn
Powered by Pagetool Ver (1.04-05-06-07) turkish-warrorr
[SECURITY] [DSA 1508-1] New diatheke packages fix arbirary shell command execution Thijs Kinkhorst
Format string and buffer-overflow in SurgeMail 38k4 Luigi Auriemma
Re: Powered by Pagetool Ver (1.04-05-06-07) packet
NULL pointer in SurgeFTP 2.3a2 Luigi Auriemma

Tuesday, 26 February

Nortel IP Phone DoS sipherr
php-nuke sql injection reportaj [secid] lovebug
[SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities Noah Meyerhans
Bypassing OfficeScan Trend Micro AV Danux
SandMan 1.0.080226 is out! Matthieu Suiche
Re: Nortel IP Phone DoS amarkov
Re: Re: Nortel IP Phone DoS sipherr
[ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities security
[ GLSA 200802-12 ] xine-lib: User-assisted execution of arbitrary code Robert Buchholz
[ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities Pierre-Yves Rofes
[ MDVSA-2008:051 ] - Updated cups packages fix vulnerabilities security

Wednesday, 27 February

iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability iDefense Labs
iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability iDefense Labs
[SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution Thijs Kinkhorst
iDefense Security Advisory 02.26.08: Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability iDefense Labs
CFP - ekoparty 4th edition ekoparty
Re: Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS jamboomla
Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products Luigi Auriemma
[ MDVSA-2008:052 ] - Updated cacti packages fix multiple vulnerabilities security
CORE-2008-0130: VLC media player chunk context validation error Core Security Technologies Advisories
[ MDVSA-2008:053 ] - Updated pcre packages fix vulnerability security

Thursday, 28 February

security and aluminum foil hats Pete Herzog
Urulu 2.1 Blind SQL Injection Vulnerability (CVE-2008-0385) Daniel Roethlisberger
123 Flash Chat Module for phpBB f10
PHP-Nuke My_eGallery "gid" Remote SQL Injection no-reply
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000 ProCheckUp Research
PR07-41: XSS on Juniper Networks Secure Access 2000 ProCheckUp Research
Re: 123 Flash Chat Module for phpBB f10
RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products Raymond_Villafania
XSS on XRMS- open source CRM vijayv
rPSA-2008-0084-1 lighttpd rPath Update Announcements
rPSA-2008-0086-1 pcre rPath Update Announcements
rPSA-2008-0088-1 am-utils rPath Update Announcements
rPSA-2008-0082-1 espgs rPath Update Announcements
Loginwindow.app and Mac OS X Jacob Appelbaum
[ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability security

Friday, 29 February

Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials brad . antoniewicz
Re: Loginwindow.app and Mac OS X oc photon
Re: Loginwindow.app and Mac OS X Jacob Appelbaum
Re: Loginwindow.app and Mac OS X Matt Johnston
PHPMyTourney Remote file include Vulnerability security
[ MDVSA-2008:055 ] - Updated ghostscript packages fix arbitrary code execution vulnerability security
Ghostscript buffer overflow Chris Evans
Centreon <= 1.4.2.3 (index.php) Remote File Disclosure sys-project
netOffice Dwins 1.3 Remote code execution. db
rPSA-2008-0091-1 cups rPath Update Announcements
rPSA-2008-0092-1 tshark wireshark rPath Update Announcements
Release: Pass-The-Hash toolkit v1.3 Hernan Ochoa
rPSA-2008-0093-1 thunderbird rPath Update Announcements
rPSA-2008-0094-1 kernel rPath Update Announcements
[USN-582-1] Thunderbird vulnerabilities Jamie Strandboge
[ MDVSA-2008:056 ] - Updated gnumeric packages fix vulnerability security