kisobox.com :: Security News http://www.kisobox.com Feed the latest exploits and vulnerabilities news Sun, 07 Sep 2008 09:08:21 +0000 http://backend.userland.com/rss092 en vastal-itechcosmetics.txt Vastal I-Tech Cosmetics Zone suffers from a remote SQL injection vulnerability in view_products_cat.php. http://packetstormsecurity.org/filedesc/vastal-itechcosmetics.txt.html esfaq-sql.txt EsFaq version 2.0 suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/filedesc/esfaq-sql.txt.html webcmsportal-blindsql.txt webCMS Portal Edition blind SQL injection exploit that leverages index.php. http://packetstormsecurity.org/filedesc/webcmsportal-blindsql.txt.html google-download2.txt Google Chrome Browser version 0.2.149.27 automatic file download exploit that uses window.setTimeout. http://packetstormsecurity.org/filedesc/google-download2.txt.html google-chrome-dos4.txt Google Chrome Browser version 0.2.149.27 Inspect Element denial of service exploit. http://packetstormsecurity.org/filedesc/google-chrome-dos4.txt.html flockweb-dos.txt Flock Social Web Browser version 1.2.5 looping denial of service exploit. http://packetstormsecurity.org/filedesc/flockweb-dos.txt.html citect_scada_odbc.rb.txt This Metasploit module exploits a stack overflow in CitectSCADA's ODBC daemon. This has only been tested against Citect versions 5, 6, and 7. http://packetstormsecurity.org/filedesc/citect_scada_odbc.rb.txt.html iranmc-sql.txt IranMC CMS suffers from a remote SQL injection vulnerability. http://packetstormsecurity.org/filedesc/iranmc-sql.txt.html silentum-xss.txt Silentum LoginSys version 1.0.0 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/filedesc/silentum-xss.txt.html phpauction32-rfi.txt PHP Auction version 3.2 suffers from remote file inclusion and information disclosure vulnerabilities. http://packetstormsecurity.org/filedesc/phpauction32-rfi.txt.html