http://www.kisobox.com Feed the latest exploits and vulnerabilities news Fri, 03 Jul 2009 17:46:35 +0000 http://backend.userland.com/rss092 en The Axesstel MV 410R protects from malicious input by leveraging javascript, allowing an attacker to bypass all of this easily. The device is also susceptible to permanent cross site scripting vulnerabilities. http://packetstormsecurity.org/filedesc/axesstel-bypass.txt.html Local root exploit for FreeBSD nmount(). This affects FreeBSD 7.0-RELEASE and 7.0-STABLE. http://packetstormsecurity.org/filedesc/cve-2008-3531.c.html Remote blind SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php. http://packetstormsecurity.org/filedesc/shopcartdx430-blindsql.txt.html Remote SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php. This particular vulnerability was priorly discovered but further research has been performed. http://packetstormsecurity.org/filedesc/shopcartdx430-sql.txt.html Soulseek versions 157 NS below 13e and all versions of 156 suffer from a remote peer search code execution vulnerability. http://packetstormsecurity.org/filedesc/soulseek157-psexec.txt.html Rentventory PHP suffers from multiple remote SQL injection vulnerabilities. http://packetstormsecurity.org/filedesc/rentventory-sql.txt.html Opial version 1.0 suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/filedesc/opialaid-sql.txt.html conpresso version 3.4.8 suffers from a blind SQL injection vulnerability in detail.php. http://packetstormsecurity.org/filedesc/conpresso-sql.txt.html Almnzm version 2.0 remote blind SQL injection exploit. http://packetstormsecurity.org/filedesc/almnzm-blindsql.txt.html AdminLog version 0.5 suffers from an authentication bypass vulnerability. http://packetstormsecurity.org/filedesc/adminlog-bypass.txt.html