
2 Joomla SQL Injection Vulnerabilities Discovered

Two SQL injection vulnerabilities were recently detected in the com_package and com_photo modules of the Joomla content management system. Remote attackers and low-privileged user accounts can inject their own SQL commands to compromise the application database. The vulnerability is located in the com_package module, in the bound vulnerable id parameter. Successful exploitation of the vulnerability […]


bind9 denial of service (remote) (CVE-2012-3817)

Package: bind9
Vulnerability: denial of service
Problem type: remote
Debian-specific: no
CVE ID: CVE-2012-3817

Einar Lonn discovered that under certain conditions bind9, a DNS server, may use cached data before initialization. As a result, an attacker can trigger an assertion failure on servers under high query load that do DNSSEC validation. […]
