OpenSSL - Padding Oracle in AES-NI CBC MAC Check

OpenSSL - Padding Oracle in AES-NI CBC MAC Check Source: http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html TLS-Attacker: https://github.com/RUB-NDS/TLS-Attacker https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39768.zip You can...

OpenSSL - Padding Oracle in AES-NI CBC MAC Check

Source: http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html TLS-Attacker: https://github.com/RUB-NDS/TLS-Attacker https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39768.zip You can use TLS-Attacker to build a proof of concept and...

TinyMCE WYSIWYG Editor - Multiple Vulnerabilities

No description provided by source. + Vurnerebility: Js tinymce/tinymce WYSIWYGjava script vurnerebility xss--popup & SQl implemented + Language : Java--,Xml + lisences : LGPL + Vendor : Moxiecode Systems AB + support : IE7J0/IE6.0/NS8.1-IE/NS8.1-G/FF2.0/O9.02; + Category : bug report + vendor :...

Trixbox 2.8.0.4 Cross Site Scripting

Exploit Title: Trixbox 2.8.0.4 XSS Exploit Date: 07/04/2014 Exploit Author: Daniel Moreno a.k.a W1ckerMan Vendor Homepage: http://sourceforge.net/projects/asteriskathome/ Version: 2.8.0.4 This exploit needs authentication...

Unfixed XSS vulnerability at www.mikepecarsales.com

Security researcher By0ktay-DeeperS, has submitted on 15/12/2009 a cross-site-scripting XSS vulnerability affecting www.mikepecarsales.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2010. It ...

Unfixed XSS vulnerability at www.blide.org

Security researcher Dr.Optix, has submitted on 10/06/2008 a cross-site-scripting XSS vulnerability affecting www.blide.org, which at the time of submission ranked 2713153 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. It is current...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to graphics rendering and 1 handling of a long alert messagebox in the...

Unfixed XSS vulnerability at www.glastron.com

Security researcher mckt, has submitted on 16/08/2008 a cross-site-scripting XSS vulnerability affecting www.glastron.com, which at the time of submission ranked 585259 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/08/2008. It is currently...

Unfixed XSS vulnerability at www.electronic-business-forum.de

Security researcher SCRiPToRiuM, has submitted on 11/03/2007 a cross-site-scripting XSS vulnerability affecting www.electronic-business-forum.de, which at the time of submission ranked 2937882 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...

Unfixed XSS vulnerability at lyckseleopac.vilhelmina.com

Security researcher Uber0n, has submitted on 29/09/2007 a cross-site-scripting XSS vulnerability affecting lyckseleopac.vilhelmina.com, which at the time of submission ranked 6652756 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2007. I...