- iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege
- knowledgeBuilder v.2.2.php.NuLL-WDYL=> Remote File Include
- Speedwiki 2.0 Arbitrary File Upload Vulnerability
- [ MDKSA-2006:202 ] - Updated wv packages fix vulnerabilities
- Immediacy .NET CMS possibly vulnerable to Cross Site Scripting through
- FreeWebshop <=2.2.2 [local file include & xss]
- FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive
- Re: Joomla 1.0.11 Remote File Include
- [ MDKSA-2006:204 ] - Updated openssh packages fix vulnerability
- bitweaver <=1.3.1 [injection sql (post) & xss (post)]
- GNU gv Stack Overflow Vulnerability
- [SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities
- LandShop Real Estate [multiple injection sql & xss]
- [USN-379-1] texinfo vulnerability
- Re: Multiple vulnerabilities in SAP Web Application Server 6.40
- Wheatblog [multiple xss (post) & full path disclosure]
- [security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
- [ GLSA 200611-04 ] Bugzilla: Multiple Vulnerabilities
- rPSA-2006-0204-1 kernel
- rPSA-2006-0205-1 php php-mysql php-pgsql
- rPSA-2006-0206-1 firefox thunderbird
- rPSA-2006-0207-1 openssh openssh-client openssh-server
- [ MDKSA-2006:205 ] - Updated Firefox packages fix multiple vulnerabilities
- [ MDKSA-2006:206 ] - Updated Thunderbird packages fix multiple vulnerabilities
- [OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap)
- [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation
- [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow
- [x0n3-h4ck]Drake CMS v 0.2 XSS exploit
- ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal
- encapscms 0.3.6 - Remote File Include by Firewall
- PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit
- Mega Mall [ multiples injection sql & full path disclosure ]
- MyStats <=1.0.8 [injection sql, multiples xss, array & full path
- Exophpdesk V1.2 - Remote File Include
- [SECURITY] [DSA 1209-1] New trac packages fix cross-site request forgery
- Wordpress File Inclusion
- TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability
- [MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue
- phpManta - Mdoc <= 1.0.2 (view-sourcecode.php) Local File Include
- AspPired2 Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit
- UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability
- NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
- Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
- NuRems 1.0 Remote XSS/SQL Injection Exploit
- NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability
- Re: feedsplitter considered harmful
- NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
- Re: Wordpress File Inclusion
- [SECURITY] [DSA 1208-1] New bugzilla packages fix several vulnerabilities
- XSS in Email Signature Script
- infinicart [ multiples injection sql & xss (post) ]
- shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit
- Re: Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
- Web Interface remote file inclusion
- VBulletin DoS Exploit [ all Versions ]
- Digipass Go3 Token Dumper (at least for 2006)
- ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow
- Phpjobscheduler 3.0 - Multiple Remote File Include
- Phpdebug 1.1.0 - Remote File Include by Firewall
- ELOG Web Logbook Remote Denial of Service Vulnerability
- UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability
- Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection
- CPanel Multiple Cross Site Scripting
- Old SAP exploits
- Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL
- Re: [x0n3-h4ck]Essentia Web Server v.2.15 Buffer Overflow
- ASPPortal <= 4.0.0 (default1.asp) Remote SQL Injection Exploit
- UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability
- [FLSA-2006:211760] Updated gzip package fixes security issues
- Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass
- [SECURITY] [DSA 1209-2] New trac packages fix cross-site request forgery
- Challenges faced by automated web application security assessment tools
- DirectAdmin Multiple Cross Site Scripting
- VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
- [ GLSA 200611-06 ] OpenSSH: Multiple Denial of Service vulnerabilities
- SinFP 2.04 release, works under Windows
- Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
- iDefense Security Advisory 11.09.06: Citrix Presentation Server 4.0
- [ GLSA 200611-08 ] RPM: Buffer overflow
- VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
- New Bug MiniBB Forum <= 2 Remote File Include (index.php)
- VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
- Online Event Registration <= v2.0 (save_profile.asp) Remote User
- VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue
- VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
- [ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows
- Re: Wordpress File Inclusion
- Re: GNU gv Stack Overflow Vulnerability
- [SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
- Real Estate Listing System SQL Injection
- ASPintranet SQL Injection
- SiteXpress SQL Injection
- WWWeb Cocepts SQL Injection
- Ustore SQL Injection
- eShopping SQL Injection
- ECommerce Store Shop Builder
- Engine Manager SQL Injection
- Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
- BPG Content Management System SQL Injection
- Apple Safari "match" Buffer Overflow Vulnerability
- Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege
- Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability
- Inventory Manager [injection sql & xss (get)]
- Evolve Merchant[ injection sql ]
- Re: New Bug MiniBB Forum <= 2 Remote File Include (index.php)
- FunkyASP Glossary v1.0 [injection sql]
- Blogme v3 [admin login bypass & xss (post)]
- Property Site Manager [login bypass ,multiples injection sql &
- [Fwd: DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass
- Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability
- [Fwd: OpenBase SQL multiple vulnerabilities Part Deux]
- EEYE: Workstation Service NetpManageIPCConnect Buffer Overflow
- ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure
- ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory
- A+ Store E-Commerce[ injection sql & xss (post) ]
- A-Cart pro[ injection sql (post&get)]
- hpecs shopping cart[login bypass & injection sql (post)]
- Car Site Manager [injection sql & xss (get)]
- Dragon calendar [ login bypass & injection sql ]
- [SECURITY] [DSA 1211-1] New pdns packages fix arbitrary code execution
- MultiCalendars [ multiples injection sql ]
- NetBSD all versions FireWire IOCTL kernel integer overflow information disclosure
- [OpenPKG-SA-2006.034] OpenPKG Security Advisory (texinfo)
- DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclosure
- TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclosure
- TSLSA-2006-0063 - multi
- [ MDKSA-2006:207 ] - Updated bind packages fixes RSA signature verification vulnerability
- [SECURITY] [DSA 1212-1] New openssh packages fix denial of service
- E-Calendar Pro 3.0 [ login bypass & injection sql (post)]
- Outpost Multiple insufficient argument validation of hooked SSDT
- Helm Cross-Site Scripting (XSS)
- FreeBSD all versions FireWire IOCTL kernel integer overflow information disclosure
- [ MDKSA-2006:208 ] - Updated openldap packages fixes Bind vulnerability
- Bloo => 1.00 Cross Site Scripting
- E-commerce Kit 1 PayPal Edition [ injection sql ]
- MetaCart e-Shop [multiples injection sql (get & post)]
- Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection
- discloser => 0.0.4 Remote File Include Vulnerabilities
- Hot Links download backup authorized vulnerabilities
- PhpMyAdmin all version [multiples vulnerability]
- OdysseusBlog => 1.0.0 Cross Site Scripting
- Bloo => 1.00 Remote File Include Vulnerability
- [MajorSecurity Advisory #34]Plesk 8 - Multiple Cross Site
- Team Evil - Incident #2
- Chetcpasswd 2.x: multiple vulnerabilities
- Secunia Research: MDaemon Insecure Default Directory Permissions
- Re: Apple Safari "match" Buffer Overflow Vulnerability
- dev_wms => 1.5 Remote File Include Vulnerabilities
- discloser => 0.0.4 Remote File Include Vulnerability Exploit
- Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection + Local
- Re: Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability
- eShopping Cart [injection sql]
- Whitepaper: Implementing and Detecting a PCI Rootkit
- Vulnerabilities in Client Service for NetWare
- CandyPress Store[ multiples injection sql ]
- BaalAsp forum [login bypass ,injections sql(post), xss(post)]
- ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability
- Helm Cross Site Scripting
- Myphotos => Remote File Include Vulnerability Exploit
- i-Gallery 3.4 Cross Site Scripting
- Sphpblog => 0.8 Cross Site Scripting
- BlogTorrent-preview => 0.92 Cross Site Scripting
- Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include
- ASP Cart [multiples injection sql (post & get)]
- worksystem => Remote File Include Vulnerability Exploit
- Re: FreeBSD all versions FireWire IOCTL kernel integer overflow
- Hot Links download backup authorized vulnerabilities (re-post
- eggblog=> 3.1.0 Cross Site Scripting
- Secunia Research: Panda ActiveScan Multiple Vulnerabilities
- RE: VBulletin DoS Exploit [ all Versions ]
- UK Security Convention - Continuity 2006
- Links smbclient command execution
- rPSA-2006-0211-1 libpng
- Image gallery with Access Database SQL Injection
- My-BIC => 0.6.5 Remote File Include Vulnerability Exploit
- ASPintranet SQL Injection
- blogcms => 4.0.0 Remote File Include
- RED Blog => Remote File Include Vulnerability Exploit
- Storystream => 4.0 Remote File Include Vulnerability Exploit
- Pilot Cart V.7.2 [ injection sql (post) ]
- [ MDKSA-2006:209 ] - Updated libpng packages fix vulnerabilities
- Kerio WebSTAR local privilege escalation
- [ MDKSA-2006:211 ] - Updated pxelinux packages to fix embedded libpng vulnerabilities
- [ MDKSA-2006:210 ] - Updated syslinux packages to fix embedded libpng vulnerabilities
- [OpenPKG-SA-2006.035] OpenPKG Security Advisory (proftpd)
- Active News Manager [ injection sql (post&get)]
- [ MDKSA-2006:212 ] - Updated doxygen packages to fix embedded libpng vulnerabilities
- [ MDKSA-2006:213 ] - Updated chromium packages to fix embedded libpng vulnerabilities
- [OpenPKG-SA-2006.036] OpenPKG Security Advisory (png)
- [USN-383-1] libpng vulnerability
- [security bulletin] HPSBMA02088 SSRT051026 rev. 2 - HP-UX running WBEM Services Denial of Service (DoS)
- [ GLSA 200611-09 ] libpng: Denial of Service
- TSLSA-2006-0065 - libpng
- [ GLSA 200611-10 ] WordPress: Multiple vulnerabilities
- Re: Etomite CMS 0.6.1.2 Multiple Vulnerabilities ( Sql Injection
- [Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory]
- 20/20 auto gallery [ multiples injection sql ]
- 20/20 real estate [ multiples injection sql ]
- TFTPD32 v3.01 TFTP Server Long File Name Buffer Overflow
- [Reversemode advisory] Computer Associates HIPS Drivers - multiple
- Sphpblog => 0.8 Remote File Include Vulnerabilities
- Aspmforum [ multiples injection sql (get&post)]
- Digital Armaments November-December Hacking Challenge: KERNEL Remote
- 20/20 datashed [ multiples injection sql ]
- XSS vBulletin 3.6.X Admin Control Panel
- MosReporter Joomla Component Remote File Inclusion Exploi
- Dating Site [ login bypass & xss]
- Re: blogcms => 4.0.0 Remote File Include
- Re: Airmagnet management interfaces multiple vulnerabilities
- Infinitytechs Restaurants CM
- [ MDKSA-2006:214 ] - Updated gv packages fix buffer overflow vulnerability
- Re: dev_wms => 1.5 Remote File Include Vulnerabilities
- ehomes [multiples injections sql]
- Serious crypto problem fixed by envelope HMAC method instead of currently used prefix
- Rialto 1.6[admin login bypass & multiples injections sql]
- PhpQuickGallery <= 1.9 Remote File Inclusion Exploit
- gNews Publisher SQL Injection Vulnerabilities
- RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclosure
- Shopping_Catalog Remote File Include exploit
- dicshunary 0.1 alpha Remote File Inclusion Exploit
- DodosMail <= 2.0.1(dodosmail.php) Remote File Inclusion Exploit
- klf-realty [injection sql]
- enomphp => 4.0 Remote Traversal Directory
- iPrimal Forums (index.php) Remote File Include Exploit
- mg.applanix <= 1.3.1 Remote File Include Exploit
- mxBB calsnails module 1.06 Remote File Inclusion Exploit
- Telaen => 1.1.0 Remote File Include Vulnerability
- [SECURITY] [DSA 1214-1] New gv packages fix arbitrary code execution
- [ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities
- LoudMouth => 2.4 Remote File Include Vulnerabilities
- The Week of Oracle Database Bugs
- [ GLSA 200611-13 ] Avahi: "netlink" message vulnerability
- [SECURITY] [DSA 1217-1] New linux-ftpd packages fix access control bypass
- [ GLSA 200611-12 ] Ruby: Denial of Service vulnerability
- Re: Serious crypto problem fixed by envelope HMAC method instead of currently used prefix
- MyAlbum <= 3.02 (langs_dir) Remote File Inclusion Exploit
- [ GLSA 200611-14 ] TORQUE: Insecure temporary file creation
- [SECURITY] [DSA 1216-1] New flexbackup packages fix denial of service
- BirdBlog => v1.4.0 Cross Site Scripting
- [ MDKSA-2006:215 ] - Updated avahi packages fix netlink vulnerability
- Wabbit PHP Gallery => 0.9 Remote Traversal Directory
- [SECURITY] [DSA 1215-1] New xine-lib packages fix execution of arbitrary code
- mAlbum v0.3 Multiple vulnerabilitizzz
- my little weblog => Cross Site Scripting
- [ GLSA 200611-11 ] TikiWiki: Multiple vulnerabilities
- Classified System [injection sql]
- Correction: Re: Serious crypto problem fixed by envelope HMAC method instead of currently used prefix
- Re: GPhotos 1.5 Multiple vulnerabilities
- ltwCalendar => 4.2.1 Remote File Include Vulnerabilities
- [SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression