205 matches found
Fedora 24 : roundcubemail (2016-60753c3dcd)
Version 1.2.3 - Searching in both contacts and groups when LDAP addressbook with groupfilters option is used - Fix vulnerability in handling of mail's 5th argument - Fix To: header encoding in mail sent with mail method 5475 - Fix flickering of header topline in min-mode 5426 - Fix bug where...
Fedora 23 : roundcubemail (2016-b4896f20b3)
Version 1.2.3 - Searching in both contacts and groups when LDAP addressbook with groupfilters option is used - Fix vulnerability in handling of mail's 5th argument - Fix To: header encoding in mail sent with mail method 5475 - Fix flickering of header topline in min-mode 5426 - Fix bug where...
OIC Exponent CMS Information Disclosure Vulnerability (CNVD-2016-11168)
OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. An information disclosure...
Path traversal
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the alt parameter, related to contact photo handling...
Novell Groupwise Addressbook Integer Overflow - Ver2 (CVE-2012-0418)
A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...
php-addressbook 3.1.5 - (edit.php) SQL Injection Vulnerability
No description provided by source. @ php-addressbook v3.1.5edit.php SQL Injection Vulnerability @ Author: Hussin X @ Home : www.iq-ty.comhttp://www.iq-ty.com, @ email: darkangelg85atYahoodotcom @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ script :...
HiveMail 1.2.2/1.3 addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...
PHP-Nuke Module Addressbook 1.2 - Local File Inclusion Exploit
No description provided by source. !Perl PHP-Nuke Module Addressbook 1.2 Local File Inclusion Exploit Vendor: http://www.sb-websoft.com/index.php?name=CmodsDownload&file=index&req=getit&lid=14 Vulnerable Code: requireoncemodules/$modulename/include/func.inc.php; Coded by bd0rk || SOH-Crew Greetz:...
EGroupWare 1.0 Calendar Module date Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11013/info It is reported that eGroupWare is susceptible to multiple cross-site scripting and HTML injection vulnerabilities. The cross-site scripting issues present themselves in the various parameters of the 'addressboo...
iOS iDocManager 1.0.0 - Directory Traversal
No description provided by source. Exploit Title: iDocManager v1.0.0 for iPhone / iPod touch, Directory Traversal Date: 02/24/2011 Author: R3d@l3rt, Sp@2K, Sunlight, H@ckk3y Software Link : http://itunes.apple.com/kr/app/idocmanager/id376421606?mt=8 Version: 1.0.0 Tested on: iPhone, iPod 3GS with...
PHP-AddressBook 6.2.4 - (group.php) SQL Injection Vulnerability
No description provided by source. Exploit Title : PHP-AddressBook v6.2.4 SQL INJECTION VULNERABILITIES Script : PHP-AddressBook v6.2.4 Language : PHP DESCRIPTION:Simple, web-based address & phone book, contact manager, organizer. Groups, addresses, e-Mails, phone numbers & birthdays. vCards, LDI...
iphone folders 2.5 - Directory Traversal
No description provided by source. ---------------------------------------------------------------- Software : iPhone Folders 2.5 Type of vunlnerability : Directory Traversal Tested On : iPhone 4 IOS 4.0.1 Risk of use : High ---------------------------------------------------------------- Program...
iOS Share 1.0 - Directory Traversal
No description provided by source. Exploit Title: Share v1.0 for iPhone / iPod touch, Directory Traversal Date: 02/24/2011 Author: R3d@l3rt, Sunlight, H@ckk3y Software Link : http://itunes.apple.com/kr/app/filer-lite-download-view-manage/id350671847?mt=8 Version: 1.0 Tested on: iPhone, iPod 3GS...
Active Web Mail 4 - Blind SQL Injection Vulnerability
No description provided by source. ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe:emails.aspx TabOpenQuickTab1 Blind SQL Injection Vulnerability Vendor:www.activewebsoftwares.com Software: Active Web Mail v 4 author: я3d D3v!L Date: 28.11.2008 Home:...
iOS iFileExplorer Free - Directory Traversal
No description provided by source. Exploit Title: iPod Touch/iPhone iFileExplorer Free Directory Traversal Date: 04/03/2011 UK date format Author: theSmallNothing Software Link: http://itunes.apple.com/gb/app/ifileexplorer-protect-multi/id355253462?mt=8 Version: 2.8 Tested on: iPod Touch 2G 4.1...
Joomla Component AddressBook com_addressbook Local File Inclusion Vulnerability
No description provided by source. ================================================================================================================= o Joomla Component AddressBook Local File Inclusion Vulnerability Software : comaddressbook version 1.5.0 Author : AntiSecurity Vrs-hCk NoGe OoNBoY...
iOS 7.1.1 - Bypass Pass Code by Siri to access Addressbook
Document Title: =============== iOS 7.1.1 - Bypass Pass Code by Siri to access Addressbook References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1263 Video: https://www.youtube.com/watch?v=xs8bqenCf8A Source: https://www.youtube.com/user/sherifmorano Release Date: ===========...
iOS 7.1.1 - Bypass Pass Code by Siri to access Addressbook
Document Title: =============== iOS 7.1.1 - Bypass Pass Code by Siri to access Addressbook References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1263 Video: https://www.youtube.com/watch?v=xs8bqenCf8A Source: https://www.youtube.com/user/sherifmorano Release Date: ===========...
Novell Groupwise 8.02 Addressbook Memory Corruption - Ver2 (CVE-2011-4189)
A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...
CVE-2013-5646
Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...