| Subject | Author | Date |
|---|---|---|
| Mambo com_Musica "id" Remote SQL Injection | no-reply_at_nospam | |
| [ MDVSA-2008:056 ] - Updated gnumeric packages fix vulnerability | security_at_nospam | |
| [USN-582-1] Thunderbird vulnerabilities | Jamie Strandboge | |
| rPSA-2008-0094-1 kernel | rPath Update Announcements | |
| rPSA-2008-0093-1 thunderbird | rPath Update Announcements | |
| Release: Pass-The-Hash toolkit v1.3 | Hernan Ochoa | |
| rPSA-2008-0092-1 tshark wireshark | rPath Update Announcements | |
| rPSA-2008-0091-1 cups | rPath Update Announcements | |
| netOffice Dwins 1.3 Remote code execution. | db_at_nospam | |
| [ MDVSA-2008:055 ] - Updated ghostscript packages fix arbitrary code execution vulnerability | security_at_nospam | |
| Centreon <= 1.4.2.3 (index.php) Remote File Disclosure | sys-project_at_nospam | |
| Re: Loginwindow.app and Mac OS X | Matt Johnston | |
| Ghostscript buffer overflow | Chris Evans | |
| PHPMyTourney Remote file include Vulnerability | security_at_nospam | |
| Re: Loginwindow.app and Mac OS X | Jacob Appelbaum | |
| Re: Loginwindow.app and Mac OS X | oc photon | |
| Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials | brad.antoniewicz_at_nospam | |
| [ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability | security_at_nospam | |
| rPSA-2008-0082-1 espgs | rPath Update Announcements | |
| Loginwindow.app and Mac OS X | Jacob Appelbaum | |
| rPSA-2008-0088-1 am-utils | rPath Update Announcements | |
| rPSA-2008-0086-1 pcre | rPath Update Announcements | |
| rPSA-2008-0084-1 lighttpd | rPath Update Announcements | |
| XSS on XRMS- open source CRM | vijayv_at_nospam | |
| Re: 123 Flash Chat Module for phpBB | f10_at_nospam | |
| RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products | Raymond_Villafania_at_nospam | |
| PR07-41: XSS on Juniper Networks Secure Access 2000 | ProCheckUp Research | |
| PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000 | ProCheckUp Research | |
| PHP-Nuke My_eGallery "gid" Remote SQL Injection | no-reply_at_nospam | |
| 123 Flash Chat Module for phpBB | f10_at_nospam | |
| Urulu 2.1 Blind SQL Injection Vulnerability (CVE-2008-0385) | Daniel Roethlisberger | |
| security and aluminum foil hats | Pete Herzog | |
| [ MDVSA-2008:053 ] - Updated pcre packages fix vulnerability | security_at_nospam | |
| [ MDVSA-2008:052 ] - Updated cacti packages fix multiple vulnerabilities | security_at_nospam | |
| Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products | Luigi Auriemma | |
| Re: Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS | jamboomla_at_nospam | |
| CFP - ekoparty 4th edition | ekoparty | |
| iDefense Security Advisory 02.26.08: Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability | iDefense Labs | |
| [SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution | Thijs Kinkhorst | |
| iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability | iDefense Labs | |
| iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability | iDefense Labs | |
| [ MDVSA-2008:051 ] - Updated cups packages fix vulnerabilities | security_at_nospam | |
| [ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities | Pierre-Yves Rofes | |
| Re: Re: Nortel IP Phone DoS | sipherr_at_nospam | |
| [ GLSA 200802-12 ] xine-lib: User-assisted execution of arbitrary code | Robert Buchholz | |
| [ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities | security_at_nospam | |
| Re: Nortel IP Phone DoS | amarkov_at_nospam | |
| SandMan 1.0.080226 is out! | Matthieu Suiche | |
| Bypassing OfficeScan Trend Micro AV | Danux | |
| [SECURITY] [DSA 1509-1] New koffice packages fix multiple vulnerabilities | Noah Meyerhans | |
| php-nuke sql injection reportaj [secid] | lovebug_at_nospam | |
| Nortel IP Phone DoS | sipherr_at_nospam | |
| NULL pointer in SurgeFTP 2.3a2 | Luigi Auriemma | |
| Re: Powered by Pagetool Ver (1.04-05-06-07) | packet_at_nospam | |
| Format string and buffer-overflow in SurgeMail 38k4 | Luigi Auriemma | |
| [SECURITY] [DSA 1508-1] New diatheke packages fix arbirary shell command execution | Thijs Kinkhorst | |
| Powered by Pagetool Ver (1.04-05-06-07) | turkish-warrorr_at_nospam | |
| Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities | nbbn_at_nospam | |
| Aria-Security.Net: Joomla Com_publication "pid" Remote SQL Injection | No-Reply_at_nospam | |
| Php Nuke "Sell" module SQL Injection ("cid") | no-reply_at_nospam | |
| [ GLSA 200802-10 ] Python: PCRE Integer overflow | Robert Buchholz | |
| S21SEC-040-en: Infinite invalid authentication attempts possible in BEA WebLogic Server | S21sec labs | |
| Packeteer Products File Listing XSS | nnposter_at_nospam | |
| [SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1507-1] New turba2 packages fix permission testing | Steve Kemp | |
| Alkacon OpenCms tree_files.jsp resource XSS | nnposter_at_nospam | |
| Pigyard Art Gallery Multiple SQL Injection | No-Reply_at_nospam | |
| Softbiz jokes and funny pictures (index.php) sql injection | Hamza Almersoumi | |
| [ MDVSA-2008:049 ] - Updated nss_ldap package fixes race condition allowing user data theft | security_at_nospam | |
| Joomla com_inter "id" Remote SQL Injection | no-reply_at_nospam | |
| Joomla Com_blog "pid" Remote SQL Injection | no-reply_at_nospam | |
| joomla com_simpleshop SQL Injection(section) # | hackturkiye.hackturkiye_at_nospam | |
| Re: Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management) | dcid_at_nospam | |
| joomla com_wines SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| joomla com_garyscookbook SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| Joomla com_stat "id" Remote SQL Injection | no-reply_at_nospam | |
| phpechocms v 2.0 rc3 RFI | beenudel1986_at_nospam | |
| php-nuke Quran SQL Injection(surano) | hackturkiye.hackturkiye_at_nospam | |
| CastleCops Six Years Old | Paul Laudanski | |
| aura cms lihatberita SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| php nuke Sections SQL Injection(print) | hackturkiye.hackturkiye_at_nospam | |
| php-nuke Kuran SQL Injection(surano) | hackturkiye.hackturkiye_at_nospam | |
| php nuke gallery SQL Injection(aid) | hackturkiye.hackturkiye_at_nospam | |
| php-nuke Recipes SQL Injection(recipeid) | hackturkiye.hackturkiye_at_nospam | |
| [ MDVSA-2008:048 ] - Updated Firefox packages fix multiple vulnerabilities | security_at_nospam | |
| joomla com_hello_world SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| joomla com_product SQL Injection(catid) | hackturkiye.hackturkiye_at_nospam | |
| [Aria-Security.Net] BestWebApp Dating System SQL Injection | no-reply_at_nospam | |
| [SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak | dann frazier | |
| [SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues | dann frazier | |
| Multiple vulnerabilities in Double-Take 5.0.0.2865 | Luigi Auriemma | |
| [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues | dann frazier | |
| [security bulletin] HPSBGN02298 SSRT071502 rev.3 - HP Notebook PC Quick Launch Button (QLB) Software Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access | security-alert_at_nospam | |
| Tool release: extract Windows credentials from registry hives | Brendan Dolan-Gavitt | |
| IBM Quickr 8 Calendar Xss Injection (Bypass Quickr 8.0 Xss Filter) | goldshlager19_at_nospam | |
| Re: SQL-injection, XSS in OSSIM (Open Source Security Information Management) | Dominique Karg | |
| Certification for Web Application Security Professionals | Anurag Agarwal | |
| [USN-581-1] PCRE vulnerability | Kees Cook | |
| [SECURITY] [DSA 1502-1] New wordpress packages fix multiple vulnerabilities | Noah Meyerhans | |
| EDLGraph 1.0 | subere_at_nospam | |
| Cold Boot Attacks on Disk Encryption | Jacob Appelbaum | |
| [ GLSA 200802-09 ] ClamAV: Multiple vulnerabilities | Pierre-Yves Rofes | |
| [SECURITY] [DSA 1501-1] New dspam packages fix information disclosure | Thijs Kinkhorst | |
| Academic Computer Security Conference | Jon R. Kibler | |
| [SECURITY] [DSA 1500-1] New splitvt packages fix privilege escalation | Steve Kemp | |
| joomla SQL Injection(com_cms) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_asortyment)katid | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module prayerlist SQL Injection(cid) | hackturkiye.hackturkiye_at_nospam | |
| VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates | VMware Security team | |
| aeries browser interface(ABI) 3.8.2.8 Remote SQL Injection | admin_at_nospam | |
| joomla SQL Injection(com_most)secid | hackturkiye.hackturkiye_at_nospam | |
| PHP-Nuke Module Downloads SQL Injection(sid) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_mygallery) | hackturkiye.hackturkiye_at_nospam | |
| PHP-Nuke Module Dossiers Injection(did) | hackturkiye.hackturkiye_at_nospam | |
| PHP-Nuke genaral print SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module tinyevent-print SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| Announce: RFIDIOt credit card sub-module: ChAP.py | Adam Laurie | |
| SQL-injection, XSS in OSSIM (Open Source Security Information Management) | marcin.kopec_at_nospam | |
| PHP-Nuke Siir SQL Injection(id) | hackturkiye.hackturkiye_at_nospam | |
| Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities | iDefense Labs | |
| joomla SQL Injection(com_idvnews) | hackturkiye.hackturkiye_at_nospam | |
| PHP-Nuke Module BenchmarkNewsInjection(sid) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_joomlavvz) | hackturkiye.hackturkiye_at_nospam | |
| CFP: Workshop on Open Source Software for Computer and Network Forensics | Stefano Zanero | |
| joomla SQL Injection(com_referenzen) | hackturkiye.hackturkiye_at_nospam | |
| PHP-Nuke Module Classifieds SQL Injection(Details) | hackturkiye.hackturkiye_at_nospam | |
| [USN-580-1] libcdio vulnerability | Jamie Strandboge | |
| joomla SQL Injection(com_asortyment)katid | hackturkiye.hackturkiye_at_nospam | |
| aeries browser interface(ABI) 3.7.2.2 Remote SQL Injection | admin_at_nospam | |
| iDefense Security Advisory 02.20.08: Symantec Veritas Storage Foundation Scheduler Service DoS Vulnerability | iDefense Labs | |
| ZyXEL Gateways Vulnerability Research: http://www.procheckup.com/Hacking_ZyXEL_Gateways.pdf | ProCheckUp Research | |
| [ MDVSA-2008:046-1 ] - Updated xine-lib package fixes arbitrary code execution vulnerability | security_at_nospam | |
| aeries browser interface(ABI) 3.8.2.8 XSS | admin_at_nospam | |
| [security bulletin] HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-003 to MS08-013 | security-alert_at_nospam | |
| ZDI-08-007: Symantec VERITAS Storage Foundation Administrator Service Heap Overflow Vulnerability | zdi-disclosures_at_nospam | |
| [USN-579-1] Qt vulnerability | Jamie Strandboge | |
| Heap overflow in Sybase MobiLink 10.0.1.3629 | Luigi Auriemma | |
| Advisory SE-2008-01: PunBB Blind Password Recovery Vulnerability | Stefan Esser | |
| iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities | iDefense Labs | |
| Xoops-2.0.16 Remote File Inclusion | f10_at_nospam | |
| Web Hacking Incidents Database Update for Feb 20th | Ofer Shezaf | |
| [security bulletin] HPSBTU02311 SSRT080001 rev.1 - HP Tru64 UNIX running Perl, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| [SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution | Florian Weimer | |
| Access violation and limited informations disclosure in webcamXP 3.72.440.0 | Luigi Auriemma | |
| Two heap overflow in Foxit WAC Server 2.0 Build 3503 | Luigi Auriemma | |
| Multiple buffer-overflow in NowSMS v2007.06.27 | Luigi Auriemma | |
| NULL pointer crash in freeSSHd 1.20 | Luigi Auriemma | |
| [ MDVSA-2007:047 ] - Updated Thunderbird packages fix multiple vulnerabilities | security_at_nospam | |
| PHP-Nuke Module Web_Links SQL Injection(cid) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module eEmpregos SQL Injection(cid) | hackturkiye.hackturkiye_at_nospam | |
| [SECURITY] [DSA 1498-1] New libimager-perl packages fix arbitrary code execution | Steve Kemp | |
| XOOPS Module classifieds SQL Injection(cid) | hackturkiye.hackturkiye_at_nospam | |
| Re: CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference | si0uxsecurity_at_nospam | |
| joomla SQL Injection(com_magazine) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module seminars SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_foevpartners) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module events SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module badliege SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module vacatures SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| PR06-12: XSS on BEA Plumtree Foundation and AquaLogic Interaction portals | ProCheckUp Research | |
| WoltLab Burning Board 3.0.3 PL1 SQL-Injection Vulnerability | nbbn_at_nospam | |
| SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities | research_at_nospam | |
| joomla SQL Injection(com_genealogy) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_listoffreeads) | hackturkiye.hackturkiye_at_nospam | |
| PR08-01: Several XSS, a cross-domain redirect and a webroot disclosure on Spyce - Python Server Pages (PSP) | ProCheckUp Research | |
| joomla SQL Injection(com_facileforms) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_geoboerse) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_team | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_iigcatalog) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module myTopics-print SQL Injection(articleid) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_detail) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_formtool) | hackturkiye.hackturkiye_at_nospam | |
| XOOPS Module section SQL Injection(articleid) | hackturkiye.hackturkiye_at_nospam | |
| Re: etomite xss | dean_at_nospam | |
| Re: etomite xss | ralph_at_nospam | |
| (tip=sollinkicerik)SQL Injection Vulnerability | hackturkiye.hackturkiye_at_nospam | |
| [SECURITY] [DSA 1495-2] New nagios-plugins packages fix regression | Moritz Muehlenhoff | |
| ATutor <= 1.5.5 Cross Site Scripting | L4teral | |
| joomla SQL Injection (cat)(com_downloads) | hackturkiye.hackturkiye_at_nospam | |
| ProjectPier <= 0.80 Cross Site Scripting and Request Forgery | L4teral | |
| Wordpress Plugin (wp-people) SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| Crafty Syntax Xss Vulnerability | Ozgur Ozdemircili | |
| joomla SQL Injection(com_ricette) | hackturkiye.hackturkiye_at_nospam | |
| Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit | sys-project_at_nospam | |
| joomla SQL Injection(com_jooget) | hackturkiye.hackturkiye_at_nospam | |
| WordPress SQL Injection(wp-content-simple-forum) | hackturkiye.hackturkiye_at_nospam | |
| RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilties | nbbn_at_nospam | |
| joomla SQL Injection(com_galeria) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_filebase) | hackturkiye.hackturkiye_at_nospam | |
| lightblog 9.6 local file inclusion vulnerability | muuratsalo experimental hack lab | |
| joomla SQL Injection(com_detail) | hackturkiye.hackturkiye_at_nospam | |
| Wordpress Plugin (wp-content/recipe) SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_profile) | hackturkiye.hackturkiye_at_nospam | |
| WordPress forumaction (PAGE_id)(user)SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_emcompose) | hackturkiye.hackturkiye_at_nospam | |
| [SECURITY] [DSA 1497-1] New clamav packages fix several vulnerabilities | Moritz Muehlenhoff | |
| joomla SQL Injection(com_sg) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_filebase) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_lexikon) | hackturkiye.hackturkiye_at_nospam | |
| banpro-dms 1.0 local file inclusion vulnerability | muuratsalo experimental hack lab | |
| joomla SQL Injection( com_scheduling) | hackturkiye.hackturkiye_at_nospam | |
| joomla SQL Injection(com_salesrep) | hackturkiye.hackturkiye_at_nospam | |
| [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service | Gynvael Coldwind | |
| Re: artmedic_weblog Cross Site Scriptting Vulnerbility | jyvaeskylae_at_nospam | |
| [ MDVSA-2008:046 ] - Updated xine-lib package fixes arbitrary code execution vulnerability | security_at_nospam | |
| rPSA-2008-0059-1 openldap openldap-clients openldap-servers | rPath Update Announcements | |
| Re: rPSA-2008-0052-1 kernel | gregory | |
| rPSA-2008-0056-1 mailman | rPath Update Announcements | |
| Simple Forum Version 1.7-1.9(pagename) | hackturkiye.hackturkiye_at_nospam | |
| Re: ACER Travelmate 600 and 800 series - Smartcard flawed Implementation | linke_z_at_nospam | |
| Re: Apache web server 2.2: htpasswd predictable salt weakness | Peter Watkins | |
| all version Wordpress FORUM S@L injection | hackturkiye.hackturkiye_at_nospam | |
| joomla faq SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla com_activities sql injection | hackturkiye.hackturkiye_at_nospam | |
| [ GLSA 200802-08 ] Boost: Denial of Service | Raphael Marichez | |
| Re: [Full-disclosure] rPSA-2008-0052-1 kernel | Tonnerre Lombard | |
| Ecommerce Websites from b1st.com SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla "com_smslist" sql injecton | hackturkiye.hackturkiye_at_nospam | |
| artmedic_weblog Cross Site Scriptting Vulnerbility | hadihadi_zedehal_2006_at_nospam | |
| [ MDVSA-2008:045 ] - Updated MPlayer packages fix a few vulnerabilities | security_at_nospam | |
| Re: Apache web server 2.2: htpasswd predictable salt weakness | 3APA3A | |
| Simple Forum Version 1.10-1.11 SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| SellOwnHouse login SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| Re: DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks | rose-of-a_at_nospam | |
| Sami FTP Server 2.0.* Multiple Remote Vulnerabilities | securfrog_at_nospam | |
| Re: SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability | cmiyazaki_at_nospam | |
| [INFIGO-2008-02-13]: SOPHOS Email Security Appliance Cross Site Scripting Vulnerability | infocus | |
| Re: Philips VOIP841 Multiple Vulnerabilities | mattyg_at_nospam | |
| Re: Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php | manuel.no_spam.bruneau_at_nospam | |
| StatCounteX 3.0 & 3.1 Admin Vulnerability | Sekomirza_at_nospam | |
| UniversalFtp Server 1.0.44 Multiple Remote Denial of service | securfrog_at_nospam | |
| scribe 0.2 local file inclusion vulnerability | muuratsalo experimental hack lab | |
| DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks | eagle | |
| Re: UniversalFtp Server 1.0.44 Multiple Remote Denial of service | securfrog_at_nospam | |
| PlutoStatus Locator v1.0pre (alpha) local file inclusion vulnerability | muuratsalo experimental hack lab | |
| DOINGSOFT-2008-02-11 - IPDiva VPN SSL Brute force attack | eagle | |
| Rosoft Media Player 4.1.8 Buffer Overflow ( .M3U) | securfrog_at_nospam | |
| FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec | FreeBSD Security Advisories | |
| FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile | FreeBSD Security Advisories | |
| Philips VOIP841 Multiple Vulnerabilities | luca.carettoni_at_nospam | |
| Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php | Hendrik Jan Verheij | |
| [USN-578-1] Linux kernel vulnerabilities | Jamie Strandboge | |
| Apache web server 2.2: htpasswd predictable salt weakness | Peter Watkins | |
| etomite xss | th3.r00k.nospam_at_nospam | |
| [ GLSA 200802-07 ] Pulseaudio: Privilege escalation | Pierre-Yves Rofes | |
| Re: Vwar New Bug | packet_at_nospam | |
| artmedic weblog multiple local file inclusion vulnerabilities | muuratsalo experimental hack lab | |
| ELFdump crash when analyzing crafted ELF file. | david.reguera_at_nospam | |
| JSPWiki Multiple Vulnerabilities | Trancer | |
| Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin) | Krzysztof Burghardt | |
| rPSA-2008-0063-1 boost | rPath Update Announcements | |
| Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities | Cisco Systems Product Security Incident Response Team | |
| Cisco Security Advisory: SQL injection in Cisco Unified Communications Manager | Cisco Systems Product Security Incident Response Team | |
| joomla "com_omnirealestate" S@L Injection | hackturkiye.hackturkiye_at_nospam | |
| joomla "com_model" | hackturkiye.hackturkiye_at_nospam | |
| joomla upload php code or picture (com_uhp) | hackturkiye.hackturkiye_at_nospam | |
| all forums.asp hack | hackturkiye.hackturkiye_at_nospam | |
| Provided By Development Solutions SQL Injection Exploit(panel) | hackturkiye.hackturkiye_at_nospam | |
| [security bulletin] HPSBUX02313 SSRT080015 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| [security bulletin] HPSBMA02274 SSRT071445 rev.3 - HP System Management Homepage (SMH) for HP-UX, Remote Cross Site Scripting (XSS) | security-alert_at_nospam | |
| [security bulletin] HPSBUX02249 SSRT071442 rev.3 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change | security-alert_at_nospam | |
| rPSA-2008-0061-1 SDL_image | rPath Update Announcements | |
| Netkom Internet Solutions (folder_id) Remote SQL Injection Vulnerability | crazy_kinq_at_nospam | |
| rPSA-2008-0054-1 tk | rPath Update Announcements | |
| [Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient | Reversemode | |
| iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Memory Corruption Vulnerability | iDefense Labs | |
| Vwar New Bug | p_s3rver_at_nospam | |
| Re: XSS on Obedit v3.03 | richard_at_nospam | |
| iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities | iDefense Labs | |
| [SECURITY] [DSA 1494-2] New linux-2.6 packages fix privilege escalation | dann frazier | |
| QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow | laurent.gaffie_at_nospam | |
| iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Heap Overflow Vulnerability | iDefense Labs | |
| ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability | zdi-disclosures_at_nospam | |
| SyScan'08 Call for Paper/Training | organiser_at_nospam | |
| Thanks to all, ExploitSearch in Top5 security must-have | Security Basic | |
| iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability | iDefense Labs | |
| [SECURITY] [DSA 1496-1] New mplayer packages fix arbitrary code execution | Moritz Muehlenhoff | |
| iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability | iDefense Labs | |
| [SECURITY] [DSA 1495-1] New nagios-plugins packages fix several vulnerabilities | Moritz Muehlenhoff | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | Luigi Auriemma | |
| [ GLSA 200802-06 ] scponly: Multiple vulnerabilities | Pierre-Yves Rofes | |
| [ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code | Pierre-Yves Rofes | |
| LI-countdown SQL Injection Vulnerability | sex_at_nospam | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | jfvanmeter_at_nospam | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | Luigi Auriemma | |
| Directory traversal and DoS in WinIPDS G52-33-021 | Luigi Auriemma | |
| Cacti 0.8.7a Multiple Vulnerabilities | s4tan | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | Luigi Auriemma | |
| cacti -- Multiple security vulnerabilities have been discovered | Mario Sergio Candian | |
| FLEA-2008-0007-1 gd | Foresight Linux Essential Announcement Service | |
| artmedic weblog multiple xss vulnerabilities | muuratsalo experimental hack lab | |
| iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability | iDefense Labs | |
| Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11 | Luigi Auriemma | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | jfvanmeter_at_nospam | |
| rPSA-2008-0052-1 kernel | rPath Update Announcements | |
| gkrellweather | forensec_at_nospam | |
| ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability | zdi-disclosures_at_nospam | |
| [ MDVSA-2008:044 ] - Updated kernel packages fix multiple vulnerabilities and bugs | security_at_nospam | |
| FLEA-2008-0001-1 firefox | Foresight Linux Essential Announcement Service | |
| IOActive Security Advisory: Multiple Remote SiteScope Vulnerabilities | IOActive Advisories | |
| ZDI-08-004: Adobe AcrobatReader Javascript for PDF Integer Overflow Vulnerability | zdi-disclosures_at_nospam | |
| FLEA-2008-0005-1 e2fsprogs | Foresight Linux Essential Announcement Service | |
| Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | jfvanmeter_at_nospam | |
| [ MDVSA-2008:043 ] - Updated kernel packages fix multiple vulnerabilities and bugs | security_at_nospam | |
| FLEA-2008-0004-1 rsync | Foresight Linux Essential Announcement Service | |
| joomll(k12.tr)(com_mezun)SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| FLEA-2008-0003-1 nss_ldap | Foresight Linux Essential Announcement Service | |
| CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference | Wojciech Purczynski | |
| Kommentare zum Download script SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| FLEA-2008-0002-1 python | Foresight Linux Essential Announcement Service | |
| joomla (k12.tr)(com_iomezun)SQL Injection | hackturkiye.hackturkiye_at_nospam | |
| my little forum XSS | db_at_nospam | |
| FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts | Foresight Linux Essential Announcement Service | |
| [ GLSA 200802-04 ] Gallery: Multiple vulnerabilities | Pierre-Yves Rofes | |
| IOActive Security Advisory: Legacy mod_jk2 Buffer Overflow | IOActive Advisories | |
| [ GLSA 200802-03 ] Horde IMP: Security bypass | Pierre-Yves Rofes | |
| Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105 | Luigi Auriemma | |
| Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x | Luigi Auriemma | |
| Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 | Luigi Auriemma | |
| Multiple vulnerabilities in EztremeZ-IP File and Printer Server 5.1.2x15 | Luigi Auriemma | |
| ExtraOutlook 1.2 Released | Thor (Hammer of God) | |
| [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation | Florian Weimer | |
| aliboard Beta Upload Shell From ControlPanel | رومانسي هكر | |
| Mercury v1.1.5 Send Message Cross-Site Scripting | No-reply_at_nospam | |
| Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS | enterth3dragon_at_nospam | |
| [SECURITY] [DSA 1493-1] New sdl-image1.2 packages fix arbitrary code execution | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1490-1] New tk8.3 packages fix arbitrary code execution | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1491-1] New tk8.4 packages fix arbitrary code execution | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1492-1] New wml packages fix denial of service | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1489-1] New iceweasel packages fix several vulnerabilities | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1485-1] New icedove packages fix several vulnerabilities | Moritz Muehlenhoff | |
| Final CFP: EuroSec Workshop (March 31st, 2008) | Stefano Zanero | |
| hi | f10_at_nospam | |
| پيش گزيده Website Design Chat Software Remote Cross-Site Scripting | no-reply_at_nospam | |
| Default Multiple Joomla! Component com_rapidrecipe "user_id=" Remote SQL Inj. | staad1_at_nospam | |
| Vwar 1.5.0 | p_s3rver_at_nospam | |
| F5 BIG-IP Web Management Console CSRF (with example) | nnposter_at_nospam | |
| F5 BIG-IP Web Management Console CSRF | nnposter_at_nospam | |
| PKs Movie Database version 3.0.3 (SQL/XSS) | houssamix_at_nospam | |
| iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities | iDefense Labs | |
| iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libary Path Vulnerability | iDefense Labs | |
| iDefense Security Advisory 02.08.08: Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability | iDefense Labs | |
| Some interesting hashes | Open Phugu | |
| rPSA-2008-0051-1 firefox | rPath Update Announcements | |
| [SECURITY] [DSA 1488-1] New phpbb2 packages fix several vulnerabilities | Thijs Kinkhorst | |
| [SECURITY] CVE-2007-6286: Tomcat duplicate request processing vulnerability | Mark Thomas | |
| [SECURITY] CVE-2007-5333: Tomcat Cookie handling vulnerabilities | Mark Thomas | |
| CVE-2008-0002: Tomcat information disclosure vulnerability | Mark Thomas | |
| SECURITY ADVISORY - Level Platforms, Inc. Service Center Install Data HTTP Vulnerability | Brook Powers | |
| NULL byte writing in Emerald, RadiusNT/X and Air Marshal | Luigi Auriemma | |
| RE: ASUS Eee PC rooted out of the box | Bug traq | |
| Re: RE: ASUS Eee PC rooted out of the box | RISE Security | |
| rPSA-2008-0048-1 kernel | rPath Update Announcements | |
| jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow | laurent.gaffie_at_nospam | |
| Re: Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging) | david130490_at_nospam | |
| [SECURITY] [DSA 1487-1] New libexif packages fix several vulnerabilities | Moritz Muehlenhoff | |
| Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging) | david130490_at_nospam | |
| [ MDVSA-2008:039 ] - Updated netpbm packages fix buffer overflow vulnerability | security_at_nospam | |
| ASUS Eee PC rooted out of the box | RISE Security | |
| Joomla <= v1.0.14-RC1(Index.php) Remote File Inclusion Exploit | alex_zooz_zooz_at_nospam | |
| [ MDVSA-2008:038 ] - Updated gd packages fix buffer overflow vulnerability | security_at_nospam | |
| Joovili <= v.2.1 (members_help.php) Remote File İnclude Vulnerability | crazy_kinq_at_nospam | |
| Blackboard (id) Remote SQL Injection | crazy_kinq_at_nospam | |
| Husrev Forums v2.0.1:PoWerBoard (tr) (id) Remote SQL Injection | crazy_kinq_at_nospam | |
| Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability | cocoruder | |
| [ MDVSA-2008:042 ] - Updated Qt4 packages fix vulnerability in QSslSocket | security_at_nospam | |
| Web Hacking Incidenets Database 2007 annual Report is out | Ofer Shezaf | |
| [ MDVSA-2008:040 ] - Updated SDL_image packages fix vulnerabilities | security_at_nospam | |
| [USN-576-1] Firefox vulnerabilities | Jamie Strandboge | |
| [ MDVSA-2008:041 ] - Updated tk packages fix buffer overflow vulnerability | security_at_nospam | |
| iDefense Security Advisory 02.07.08: IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability | iDefense Labs | |
| iDefense Security Advisory 02.07.08: IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability | iDefense Labs | |
| Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1 | Luigi Auriemma | |
| [ MDVSA-2008:037 ] - Updated libcdio packages fix DoS vulnerability | security_at_nospam | |
| Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability | Michael Neal Vasquez | |
| Re: Logs visualization in WS_FTP Server Manager 6.1.0.0 | Steve Shockley | |
| mini-pub 0.3 multiple vulnerabilities | muuratsalo experimental hack lab | |
| [security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access | security-alert_at_nospam | |
| RE: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" | Amit Klein | |
| [ GLSA 200802-01 ] SDL_image: Two buffer overflow vulnerabilities | Raphael Marichez | |
| ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability | zdi-disclosures_at_nospam | |
| [ GLSA 200802-02 ] Doomsday: Multiple vulnerabilities | Pierre-Yves Rofes | |
| Chat vulnerabilities in TinTin++ 1.97.9 | Luigi Auriemma | |
| [SECURITY] [DSA 1483-1] New net-snmp packages fix denial of service vulnerability | Noah Meyerhans | |
| iDefense Security Advisory 02.04.08: Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability | iDefense Labs | |
| [ MDVSA-2008:036 ] - Updated CUPS packages fix SNMP vulnerability | security_at_nospam | |
| Logs visualization in WS_FTP Server Manager 6.1.0.0 | Luigi Auriemma | |
| rPSA-2008-0046-1 gd | rPath Update Announcements | |
| Re: Tested on Webmin 1.390 | ivangaravito_at_nospam | |
| rPSA-2008-0043-1 icu | rPath Update Announcements | |
| Re: A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" | Tim Newsham | |
| [security bulletin] HPSBGN02310 SSRT080007 rev.1 - HP Virtual Rooms Running on Windows, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| Tested on Webmin 1.390 | no-reply_at_nospam | |
| [SECURITY] [DSA 1482-1] New squid packages fix denial of service | Moritz Muehlenhoff | |
| A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability" | Amit Klein | |
| [security bulletin] HPSBST02302 SSRT071474 rev.1 - HP Storage Essentials SRM, Remote Unauthorized Access | security-alert_at_nospam | |
| [ MDVSA-2008:035 ] - Updated libcdio packages fix DoS vulnerability | security_at_nospam | |
| Apple iPhone 1.1.3 remote DoS exploit | morin.josh_at_nospam | |
| rPSA-2008-0040-1 mysql mysql-bench mysql-server | rPath Update Announcements | |
| dBpowerAMP Audio Player Release 2 Remote Buffer Overflow | Securfrog_at_nospam | |
| CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop | CYBSEC Advisories | |
| [SECURITY] [DSA 1486-1] New gnatsweb packages fix cross-site scripting | Steve Kemp | |
| [SECURITY] [DSA 1480-1] New poppler packages fix several vulnerabilities | Moritz Muehlenhoff | |
| [SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service | Moritz Muehlenhoff | |
| Re: Multiple vulnerabilities in SAPlpd 6.28 | robert.ingruber_at_nospam | |
| Re: PR07-38: XSS on sIFR | hk_at_nospam | |
| [security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS) | security-alert_at_nospam | |
| Re: Re: PIX Privilege Escalation Vulnerability | rvandenbrink_at_nospam | |
| [ MDVSA-2008:034 ] - Updated emacs packages fix vulnerabilities | security_at_nospam | |
| NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U) | Securfrog_at_nospam | |
| [USN-575-1] Apache vulnerabilities | Jamie Strandboge | |
| iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability | iDefense Labs | |
| Multiple vulnerabilities in SAPlpd 6.28 | Luigi Auriemma | |
| iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability | iDefense Labs | |
| Multiple vulnerabilities in WinCom LPD Total 3.0.2.623 | Luigi Auriemma | |
| Socket termination in FTP Log Server 7.9.14.0 | Luigi Auriemma | |
| CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability | CORE Security Technologies Advisories | |
| [OPENADS-SA-2008-001] Openads 2.4.2 vulnerability fixed | Matteo Beccati | |
| Anon Proxy Server <= 0.102 remote buffer overflow | L4teral | |
| [security bulletin] HPSBUX02308 SSRT080010 rev.1 - HP-UX Running Apache, Remote Execution of Arbitrary Code | security-alert_at_nospam | |
| IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow | securfrog_at_nospam | |
| Wordpress Plugin wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilities | nbbn_at_nospam | |
| [ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability | security_at_nospam | |
| phpShop <= v 0.8.1 Remote SQL injection / Filter Bypass | theredc0ders_at_nospam | |
| ITech Classifieds Multiple Remote Vulnerabilities | cybermilitan_at_nospam | |
| Domain Trader v2.0 Xss Vulnerable | cybermilitan_at_nospam | |
| [ MDVSA-2008:032 ] - Updated boost packages fix DoS vulnerabilities | security_at_nospam | |
| Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities | nbbn_at_nospam | |
| The Everything Development System - SQL Injection | sub | |
| Sun JRE / JDK bug introduces XXE possibilities | Chris Evans | |
| Youtube Clone Xross Site Scripting (load_message.php) | ciucciamilcalzino_at_nospam | |
| Titan FTP Server Remote Heap Overflow (USER/PASS) | securfrog_at_nospam | |
| SQL in Archimede Net 2000 "E-Guest_show.php" | Sw33t.h4cK3r_at_nospam | |
| LightBlog Remote File Upload Vulnerability | omnipresent_at_nospam | |
| LiveCart XSS vulnerability fixed since version 1.1.0 | info_at_nospam | |
| [ MDVSA-2008:031 ] - | security_at_nospam | |
| Re: PIX Privilege Escalation Vulnerability | Aaron Collins | |