Tell your friends about the Arcane Security Portal.

Latest Vulnerabilities

  • CVE-2008-3257 (weblogic_server, WebLogic Server, apache_connector_in_weblogic_server)
    Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary...
  • CVE-2008-3253 (xenserver)
    Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise)...
  • CVE-2008-3262 (Claroline)
    Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
  • CVE-2008-3255 (webproxy)
    Cross-site scripting (XSS) vulnerability in LunarNight Laboratory WebProxy 1.7.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
  • CVE-2008-3261 (Claroline)
    Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a...
  • CVE-2008-3258 (Zoph)
    Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
  • CVE-2008-3260 (Claroline)
    Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via (1) the cwd parameter in...
  • CVE-2008-3256 (Siteframe Beaumont, siteframe_cms)
    SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands...
  • CVE-2008-3259 (OpenSSH)
    OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the...
  • CVE-2008-3254 (precms)
    SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a UserProfil action.
  • CVE-2008-3188 (libxcrypt)
    libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force...
  • CVE-2008-3263 (Asterisk)
    Asterisk allows remote attackers to cause a denial of service (CPU consumption) by quickly sending a large number of IAX POKE requests.
  • CVE-2008-3237 (iTechBids)
    Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
  • CVE-2008-3235 (WebSphere Application Server)
    Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.
  • CVE-2008-3245 (phphoo3)
    SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote attackers to execute arbitrary SQL commands via the viewCat parameter.
  • CVE-2008-3243 (F-Prot Antivirus, scanning_engine)
    Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1)...

Latest Exploits

  • bailiwicked_host.rb.txt
    This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver....
  • emc-sql.txt
    EMC's Centera Universal Access product version CUA4.0_4735.p4 suffers from a SQL injection vulnerability.
  • joomlamamml-upload.txt
    The Joomla Mamml component suffers from a remote file disclosure vulnerability.
  • oss-bypass.txt
    Outpost Security Suite Pro version 2009 suffers from multiple bypass vulnerabilities when using special characters.
  • PR08-16.txt
    Moodle versions 1.7.4 and below suffer from a cross site request forgery vulnerability.
  • PR08-13.txt
    A cross site scripting vulnerability exists in Moodle versions 1.7.4 and below.
  • presurveypoll-sql.txt
    Pre Survey Poll suffers from a SQL injection vulnerability in default.asp.
  • ezwebalbum-cookie.txt
    EZWebAlbum suffers from an insecure cookie handling vulnerability that allows anyone to be an administrator.
  • minix-dos.txt
    Minix version 3.1.2a suffers from a tty panic local denial of service vulnerability.
  • intellitamper207-exec.txt
    IntelliTamper version 2.07 server header remote code execution exploit.