12 matches found
EUVD-2015-1983
Malware in sbrugna...
This Week in Spring - October 25th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! When last we spoke, I was in Las Vegas, NV, for the JavaOne show. It was amazing! Im in sunny Singapore, then off to Malaysia and Thailand. Its the first time Ive been to any of these places since 2019! How good it is to be...
UBUNTU-CVE-2021-32575
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1...
Design/Logic Flaw
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1...
CVE-2020-27748
A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive fil...
PT-2020-16799 · Mozilla +4 · Thunderbird +4
Name of the Vulnerable Software and Affected Versions: xdg-utils versions 1.1.0-rc1 and newer Description: A flaw was found in the xdg-email component. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could...
CVE-2008-5203
Cross-site scripting XSS vulnerability in externalvote.php in PowerAward 1.1.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the lvotedone parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in externalvote.php in PowerAward 1.1.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the lvotedone parameter...
CVE-2008-5203
PowerAward 1.1.0 RC1 contains a Cross-site Scripting (XSS) vulnerability in external_vote.php. The issue is exploitable via the l_vote_done parameter, allowing remote attackers to inject arbitrary web script or HTML. Documents consistently describe the affected component and payload, but do not p...
CVE-2008-5204
CVE-2008-5204 affects PowerAward 1.1.0 RC1. The vulnerability consists of multiple directory traversal flaws in the lang parameter across 15 PHP scripts (including agb.php, angemeldet.php, anmelden.php, charts.php, external_vote.php, guestbook.php, impressum.php, index.php, rss-reader.php, statis...
poweraward-lfi.txt
┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...
GGCMS <= 1.1.0 RC1 Remote Code Execution Exploit
No description provided by source. ? // //Kacper & str0ke Settings $exploitname = "GGCMS = v1.1.0 RC1 Remote Auto Deface Exploit / Remote Code Execution Exploit"; $scriptname = "GGCMS v1.1.0 RC1"; $scriptsite = "http://ggcms.weblance.pl/"; $dork = '"Powered by GGCMS"'; // print ' :::::::::...