[bugtraq] Thread Index

• Chronological Index · RSS feed

• ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure"), Amit Klein   (December 25, 2006)
  • Re: ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure"), Martin Johns   (December 26, 2006)  
   
• XSS with Vbulletin (new idea !), ashraf1984   (December 25, 2006)
  • <Possible follow-ups>
  • Re: XSS with Vbulletin (new idea !), bas   (December 27, 2006)  
  • Re: XSS with Vbulletin (new idea !), l . d . 0   (December 28, 2006)  
  • Re: XSS with Vbulletin (new idea !), micmast   (December 28, 2006)  
  • Re: XSS with Vbulletin (new idea !), marco . van . herwaarden   (January 01, 2007)  
   
• [SECURITY] [DSA 1241-1] New squirrelmail packages fix cross-site scripting, Moritz Muehlenhoff   (December 25, 2006)
• PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities, DoZ   (December 25, 2006)
• Cahier de texte V2.2 Bypass general access protection exploit, gmdarkfig   (December 26, 2006)
• phpcms <=- 1.1.7 Remote File Inclusion, Zarloule04   (December 26, 2006)
  • Re: phpcms <=- 1.1.7 Remote File Inclusion, Hugo van der Kooij   (December 27, 2006)  
  • <Possible follow-ups>
  • Re: phpcms <=- 1.1.7 Remote File Inclusion, Stuart Moore   (December 26, 2006)  
   
• PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability, xorontr   (December 26, 2006)
• HLStats Remote SQL Injection Exploit, nospam   (December 26, 2006)
• XSS - CMS Made Simple v1.0.2, Curtis Zimmerman   (December 26, 2006)
  • <Possible follow-ups>
  • Re: XSS - CMS Made Simple v1.0.2, nanoymaster   (December 28, 2006)  
   
• logahead UNU edition 1.0 Remote File Upload & code execution, corrado . liotta   (December 26, 2006)
• LuckyBot v3 Remote File Include, i-k-t   (December 26, 2006)
  • <Possible follow-ups>
  • Re: LuckyBot v3 Remote File Include, Stuart Moore   (December 27, 2006)  
  • Re: LuckyBot v3 Remote File Include, info   (June 07, 2007)  
   
• [OpenPKG-SA-2006.042] OpenPKG Security Advisory (openser), OpenPKG GmbH   (December 26, 2006)
• [OpenPKG-SA-2006.043] OpenPKG Security Advisory (links), OpenPKG GmbH   (December 26, 2006)
• Host directory full disclosure and input error, hack2prison   (December 27, 2006)
• Secure Login Manager Multiple Input Validation Vulnerabilities, DoZ   (December 27, 2006)
• NtRaiseHardError Csrss.exe memory Disclosure exploit, Reversemode   (December 27, 2006)
• ShmooCon Announcement, B Potter   (December 27, 2006)
• [SECURITY] [DSA 1242-1] New elog packages fix arbitrary code execution, Moritz Muehlenhoff   (December 28, 2006)
• Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities, xorontr   (December 28, 2006)
• [SECURITY] [DSA 1243-1] New evince packages fix arbitrary code execution, Moritz Muehlenhoff   (December 28, 2006)