Scrollout version 2012-10-03 allows authenticated remote attackers to execute arbitrary commands as the 'www-data' user.

ZoneMinder Video Server version 1.24.0 to 1.25.0 allows authenticated remote attackers to execute arbitrary commands as the web server user.

eXtplorer versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 allow an unauthenticated user to bypass authentication and execute arbitrary files as the webserver user.

ZEN Load Balancer v2.0 and v3.0-rc1 allows authenticated remote attackers to execute arbitrary commands as the 'root' user.

Openfiler v2.x allows authenticated remote attackers to gain root access.

There are multiple security vulnerabilities in SugarCRM Community Edition 6.5.2 (Build 8410) which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in TestLink 1.9.3 which may allow an unauthenticated user to execute arbitrary commands as the web server user.

WANem v2.3 allows unauthenticated remote attackers to gain root access.

QLogic SANsurfer Fibre Channel (FC) Host Bus Adapter (HBA) Manager uses Fizmez Web Server for the web server component. Fizmez Web Server is vulnerable to directory traversal. The web server is not enabled by default.

Fizmez Web Server is vulnerable to directory traversal.

There are multiple security vulnerabilities in Zenoss <= 3.2.1 which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in CuteFlow 2.11.2 which may allow an attacker to take control of the software.

ActiveX, Remote DoS and XSS - because I've been busy and couldn't think of a better title for this post.

Howdy folks. Today I'll be introducing you to the EXTRAnet Collaboration Tool (EXTRACT) 0.5.1. We'll explore leveraging EXTRACT to escalate privileges with a 0day bug. I'll also show you how you can enjoy some remote shell goodness thanks to inter-protocol exploitation (with some luck and a little user interaction).

Time for some more fun with browser URL handlers! This time we'll take a look into abusing the handlers for news/snews/nntp.

There are multiple security vulnerabilities in ActivDesk 3.0 which may allow an attacker to take control of the software.

There is a SQL Injection vulnerability in iSupport 1.8 which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in BrewBlogger 2.3.2 which may allow an attacker to take control of the software.

There is an SQL Injection vulnerability in iGiveTest 2.1.0 which may allow an attacker to take control of the software.

Bitcoin - fun, profit and anonymity on the wire. A brief analysis of the BitCoin network.

There is a reflected Cross Site Scripting (XSS) vulnerability in DoceboLMS 4.0.4 which may allow an attacker to take control of the software. There are also numerous Full Path Disclosure vulnerabilities. Previous versions may also be affected.

There are multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities in PHP Event Calendar 1.4 which may allow an attacker to take control of the software if a user with admin privileges browses a malicious page while authorized.

There are multiple security vulnerabilities in Cachelogic Expired Domains Script 1.0 which may allow a remote attacker to take control of the software.

There are two reflected Cross Site Scripting (XSS) vulnerabilities in KSearch 1.5b. Prior versions are presumably affected however only version 1.4 has been tested.

There is a Persistent Cross-Site Scripting (XSS) vulnerability in rightscripts.com PHP Website Content Monitor which may allow an attacker to take control of the software.

There is a Local File Inclusion (LFI) vulnerability in rightscripts.com Extract Website Script which may allow an attacker to take control of the web-server.

There is a Cross-Site Scripting (XSS) vulnerability in ToTalMaTch 1.2a which may allow an unauthorized user to take control of the software if an authenticated user browses a malicious page.

There are multiple security vulnerabilities in InDoorsLogger (IDLogger) version 7.7 which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in phpRechnung 1.6 RC2 which allow an unauthorized user to take control of the software.

There are multiple security vulnerabilities in thERP which allow an unauthorized user to take control of the software.

There are multiple security vulnerabilities in newswall which may allow an attacker to compromise the web server.

All scripts generated by CodeCharge Studio 4.3 contain Cross-Site Request Forgery (CSRF) vulnerabilities which may allow an attacker to take control of the software if an authorized user browses a malicious page while authorized.

There are multiple security vulnerabilities in MonoQL 0.1a which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in Dolibarr ERP CRM 3.0.0-alpha which may allow an attacker to take control of the software.

There are multiple security vulnerabilities in SmartCJ Pro 1.45 which may allow an attacker to take control of the software if an authorized user browses a malicious page while authenticated.

There are multiple Cross-Site Scripting vulnerabilities in SocketTimesheet 3.0 which may allow an attacker to take control of the software if an authenticated user browses a malicious page.

There are multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities in Webmedia Explorer 6.13.2 which may allow an attacker to take control of the software if a user with admin privileges browses a malicious page.

There are multiple security vulnerabilities in Truworth PHP Invoice Software 2.1 which allow an attacker to remotely compromise the software.

There is an authentication bypass vulnerability in Truworth Online Time Sheet 2.1 due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access with admin privilages.

Multiple security vulnerabilities exist in the QNAP TS-239 Pro network attached storage device which could allow an attacker to take control of the device if a user with administrator privileges browses a malicious web page.

If a user is masking their user-agent in Internet Explorer or Mozilla Firefox it is still possible to identify their browser and operating system using protocols which are unique to the browser.

Multiple vulnerabilities exist in the Wordpress 2.7.1 blogging software however successful exploitation requires admin roles.

Multiple vulnerabilities exist in the Belkin F1PI242EGau (wireless 4 port) router distributed by Australian ISP iiNet which could allow an attacker complete control over the user's router if the user browses a malicious web page. CSRF and XSS issues in the web administration interface lead to denial of service, information disclosure and DNS Hijacking.

Escalating Wordpress 2.6 search XSS to Arbitrary File Upload