869 matches found
VAMCart-InternetShop v0.9 (XSRF/FileUpload) Multiple Vulnerabilities
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
VAMCart-InternetShop v0.9 (TinyBrowser) File Upload Code Execution
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
VAMCart-InternetShop 0.9 File Upload Code Execution
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
VAMCart-InternetShop 0.9 Cross Site Request Forgery / Shell Upload
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
QuickBlog v0.8 CMS - Multiple Web Vulnerabilities
Exploit for php platform in category web applications Title: ====== QuickBlog v0.8 CMS - Multiple Web Vulnerabilities Introduction: ============= QuickBlog est un gestionnaire de weblog ecrit en PHP4 compatible PHP5 et MySQL compatible MySQLi multi utilisateur multi langue multi theme Il est tres...
QuickBlog v0.8 CMS - Multiple Web Vulnerabilities
Document Title: =============== QuickBlog v0.8 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=567 Release Date: ============= 2012-05-11 Vulnerability Laboratory ID VL-ID: ==================================== 567 Commo...
DEBIAN-CVE-2012-2399
Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...
CVE-2012-2399
Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...
Cross site scripting
Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...
CVE-2012-2399
Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...
CVE-2012-2399
CVE-2012-2399 is an XSS vulnerability in swfupload.swf (SWFUpload 2.2.0.1 and earlier), used in WordPress before 3.5.2 and TinyMCE Image Manager 1.1 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter. The connected documents do not pr...
CVE-2012-2399
Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...
XOOPS 2.5.4 - tiny_mcepluginsxoopsimagemanagerxoopsimagebrowser.php Multiple Cross-Site Scripting Vulnerabilities
XOOPS 2.5.4 - tinymcepluginsxoopsimagemanagerxoopsimagebrowser.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An...
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...
Code injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...
CVE-2011-4825
CVE-2011-4825 describes a static code injection vulnerability in the file inc/function.base.php of the Ajax File and Image Manager (used in various products). The flaw allows remote attackers to inject arbitrary PHP code into the file data.php via crafted parameters. Affected versions include Aja...
Multiple vulnerabilities in RoundCube
Hello 3APA3A! I want to warn you about multiple vulnerabilities in RoundCube. These are Brute Force, Content Spoofing, Cross-Site Scripting and Clickjacking vulnerabilities. CS and XSS are in TinyMCE, which is included with RoundCube. ------------------------- Affected products:...
RoundCube 0.6 Content Spoofing / Cross Site Scripting
Hello list! I want to warn you about multiple vulnerabilities in RoundCube. These are Brute Force, Content Spoofing, Cross-Site Scripting and Clickjacking vulnerabilities. CS and XSS are in TinyMCE, which is included with RoundCube. ------------------------- Affected products:...
CVE-2011-4563
Cross-site scripting XSS vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...