7736 matches found
rainbowportal - Multiple Vulnerabilities
abysssec Inc Public Advisory 1 Advisory information Title: Rainbowportal Multiple Remote Vulnerabilities Version: Rainbow 2.0...
Safari For Windows SGV Denial Of Service
Safari for Windows Invalid SGV text style Webkit.dll DoS Vendor URL: www.apple.com Advisory: http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notified: Yes Exploit available: Yes Safari browser for Windows is prone to a denial-of-service condition, this...
Microsoft Word Record Parsing Buffer Overflow
MS Word Record Parsing Buffer Overflow MS-09-027 Vulnerable application MS Office 2003 Tested on XP SP2 - MS Office 2003 v. 11.5604.5606 Bug Found By Wushi of team509 Greets Villy, Abhishek Lyall and ASL IT SECURITY TEAM Author Abhishek Sahni - abhi00703atgmaildotcom, infoataslitsecuritydotcom Web -...
CVE-2010-3030
Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-3030
CVE-2010-3030 describes a CSRF vulnerability in Tomaz Muraus Open Blog 1.2.1 (and possibly earlier) that allows remote attackers to hijack the authentication of administrators to perform requests that change the administrative password. The available sources consistently reference this vulnerabil...
CVE-2010-3026
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests to admin/users/edit that grant administrative privileges...
CVE-2010-3025
Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) excerpt parameter to application/modules/admin/controllers/posts.php, as reachable by admin/posts/edit; and the (2) conten...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests to admin/users/edit that grant administrative privileges...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) excerpt parameter to application/modules/admin/controllers/posts.php, as reachable by admin/posts/edit; and the (2) conten...
CVE-2010-3025
CVE-2010-3025 concerns Open Blog 1.2.1 (Tomaz Muraus). Concrete details in connected docs show multiple XSS vulnerabilities via excerpt (admin/posts/edit) and content (admin/pages/edit) as reachable by admin interfaces, caused by insufficient input validation; accompanying CSRF risks are describe...
CVE-2010-3026
CVE-2010-3026 describes a CSRF vulnerability in Tomaz Muraus Open Blog 1.2.1 (admin/users.php) that could let an attacker hijack an administrator’s session and perform privileged actions via requests to admin/users/edit. The NVD entry lists a MEDIUM base score (CVSSv2 4.3) with network attack vec...
Mediacoder 0.7.5.4710 Buffer Overflow
media coder 0.7.5.4710 0 day buffer overflow exploit vulnerable application link http://www.mediacoderhq.com/dlfull.htm tested on XP SP2 author abhishek lyall - abhilyallatgmaildotcom web - http://www.aslitsecurity.com/ blog - http://www.aslitsecurity.blogspot.com/ #!/usr/bin/python to exploit load...
Blog System v1.5 persistent XSS
Exploit for php platform in category web applications: Blog System v1.5 persistent XSS...
Rosoft Media Player 4.4.4 Buffer Overflow
rosoft media player 4.4.4 SEH buffer overflow POC vulnerable application link http://download.cnet.com/Rosoft-Media-Player/3000-21394-10044022.html tested on XP SP2 author abhishek lyall - abhilyallatgmaildotcom web - http://www.aslitsecurity.com/ blog - http://www.aslitsecurity.blogspot.com/...
Mediacoder 0.7.5.4710 Buffer Overflow Exploit
Exploit for windows platform in category local exploits: Mediacoder 0.7.5.4710 Buffer Overflow Exploit. media coder 0.7.5.4710 0 day buffer overflow exploit vulnerable application link...
Google Releases Chrome 5.0.375.126
Google has released Chrome 5.0.375.126 for Linux, Mac, and Windows. Chrome 5.0.375.126 contains an updated version of the Flash plugin which addresses multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and...