Security - Ravens PHP Scripts

Ravens PHP Scripts: Security

The Classified Ad System default.asp Cross-Site Scripting and SQL Injection

Posted on Friday, December 08, 2006 @ 22:40:12 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23289

VERIFY ADVISORY: http://secunia.com/advisories/23289/

CRITICAL: Moderately critical

IMPACT: Cross Site Scripting, Manipulation of data

SOFTWARE: The Classified Ad System - http://secunia.com/product/12857/

DESCRIPTION: Laurent Gaffié and Benjamin Mossé have reported some vulnerabilities in The Classifieds Ad System, which can be exploited by malicious people conduct SQL injection and cross-site scripting vulnerabilities. Read More...

Windows Media Player ASX Playlist Buffer Overflow Vulnerability

Posted on Friday, December 08, 2006 @ 07:01:58 CST in Security
by Raven

SECUNIA ADVISORY ID: SA22971

VERIFY ADVISORY: http://secunia.com/advisories/22971/

CRITICAL: Highly critical

IMPACT: DoS, System access

SOFTWARE: Microsoft Windows Media Player 10.x - http://secunia.com/product/4208/

DESCRIPTION: sehato has reported a vulnerability in Windows Media Player, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. Read More...

AOL CDDBControl ActiveX Control SetClientInfo() Buffer Overflow

Posted on Friday, December 08, 2006 @ 07:00:32 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23043

VERIFY ADVISORY: http://secunia.com/advisories/23043/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
AOL 9.x - http://secunia.com/product/6840/
AOL 8.x - http://secunia.com/product/6839/
AOL 7.x - http://secunia.com/product/585/

DESCRIPTION: Secunia Research has discovered a vulnerability in AOL, which can be exploited by malicious people to compromise a user's system. Read More...

Joomla JCE Admin Component Multiple Vulnerabilities

Posted on Friday, December 08, 2006 @ 06:58:17 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23160

VERIFY ADVISORY: http://secunia.com/advisories/23160/

CRITICAL: Moderately critical

IMPACT: Cross Site Scripting, Exposure of sensitive information

SOFTWARE: JCE Admin Component 1.x (component for Joomla) - http://secunia.com/product/12839/

DESCRIPTION: Gummiente has discovered some vulnerabilities in the JCE Admin component for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. Read More...

phpBB privmsg.php Cross-Site Request Forgery and Cross-Site Scripting

Posted on Friday, December 08, 2006 @ 06:56:39 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23283

VERIFY ADVISORY: http://secunia.com/advisories/23283/

CRITICAL: Less critical

IMPACT: Cross Site Scripting

SOFTWARE: phpBB 2.x - http://secunia.com/product/463/

DESCRIPTION: Some vulnerabilities have been discovered in phpBB, which can be exploited by malicious people to conduct cross-site request forgery attacks and cross-site scripting attacks. Read More...

DenyHosts hosts.deny Denial of Service

Posted on Wednesday, December 06, 2006 @ 23:41:26 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23236

VERIFY ADVISORY: http://secunia.com/advisories/23236/

CRITICAL: Moderately critical

IMPACT: DoS

SOFTWARE: DenyHosts 2.x - http://secunia.com/product/12830/

DESCRIPTION: Tavis Ormandy has discovered a vulnerability in DenyHosts, which can be exploited by malicious people to cause a DoS (Denial of Service). Read More...

The Classified Ad System default.asp Cross-Site Scripting and SQL Injection

Windows Media Player ASX Playlist Buffer Overflow Vulnerability

AOL CDDBControl ActiveX Control SetClientInfo() Buffer Overflow

Joomla JCE Admin Component Multiple Vulnerabilities

phpBB privmsg.php Cross-Site Request Forgery and Cross-Site Scripting

DenyHosts hosts.deny Denial of Service

Site Info

Site Navigation

Partners

Recommended Sites

Old Articles

The Classified Ad System default.asp Cross-Site Scripting and SQL Injection

Windows Media Player ASX Playlist Buffer Overflow Vulnerability

AOL CDDBControl ActiveX Control *SetClientInfo()* Buffer Overflow

Joomla JCE Admin Component Multiple Vulnerabilities

phpBB privmsg.php Cross-Site Request Forgery and Cross-Site Scripting

DenyHosts *hosts.deny* Denial of Service

Site Info

Site Navigation

Partners

Recommended Sites

Old Articles

AOL CDDBControl ActiveX Control SetClientInfo() Buffer Overflow

DenyHosts hosts.deny Denial of Service