3641 matches found
CVE-2012-6662
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...
DCOM the front of the pass to kill the vulnerability ms03-0 4 3 The use of code-vulnerability warning-the black bar safety net
Because you can go udp135 and UDP1024 more than one dynamic port, when many engage in an APT opening-day network firewall-black ice the white list of the machine is also easy to get. I often say that the inside of that MSG vulnerabilities. Aware of the RPC of the importance of after, a series of...
Block.io: Bypassed or command injection
Respected sir, Step 1: Sign up an account. Step 2: Set secret PIN. Step 3: After that, a tick box is asking "I will lose my coins if I forget my Secret PIN and Secret Mnemonic. I know this." Step 4: If you check the tick box, the button "done" will enable. It is mandatory to check the box. The bug is, I...
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
Overview: Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Yahoo Japan Corporation reported this vulnerability to JPCERT/CC to notify users of this issue through JVN. JPCERT/CC coordinated with Yahoo Japan...
JVN#48270605: Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Impact: A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution: Update the Software. Update to the latest version...
Box Detection via DNS
Binary data 8431.prm...
CVE-2014-5881
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5881
The CVE-2014-5881 issue affects Yahoo! Japan Box for Android (jp.co.yahoo.android.ybox) where the app fails to verify SSL server certificates in versions up to 1.5.4 (and earlier), enabling man-in-the-middle attackers to decrypt or spoof traffic. Root cause: improper SSL certificate verification ...
IBM Sametime Meet Server 8.5 Arbitrary File Upload
Exploit Title: IBM Sametime Meet Server 8.5 Arbitrary File Upload Google Dork: intitle:"New Meet - IBM Lotus Sametime" Date: 11/08/2014 CVSS Score: http://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=AV:N/AC:M/Au:N/C:P/I:P/A:P CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3088...
FritzBox Webcm Unauthenticated Command Injection
A remote command injection vulnerability has been reported in different Fritz!Box devices. The vulnerability is due to insufficient validation within the web-based interface. A remote attacker can exploit this vulnerability by submitting a maliciously crafted request to the web-based interface...
Ads Box - iframe_ampl.php count Parameter SQL Injection
The ads-box WordPress plugin was affected by an iframe_ampl.php count Parameter SQL Injection security vulnerability...
wordpress-simple-shout-box - SQL Injection
The wordpress-simple-shout-box WordPress plugin was affected by a SQL Injection security vulnerability...
[SECURITY] Fedora 20 Update: ffgtk-0.8.6-7.fc20
Fritz Fun ffgtk is a clean solution for controlling the FRITZ!Box or compatible router with Linux. It offers a rich feature list, including caller monitor and fax support. It offers integration with the KDE, Evolution and Thunderbird address books. Some plug-ins are packaged separately...
SysExporter - Grab data from list-view, tree-view, combo box, WebBrowser control, and text-box
SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file. Here's some examples for data that you can expo...
chkrootkit 0.49 - Local Root Vulnerability
No description provided by source. We just found a serious vulnerability in the chkrootkit package, which may allow local attackers to gain root access to a box in certain configurations (/tmp not mounted noexec). The vulnerability is located in the function slapper in the shellscript chkrootkit:...
Check Point Software Firewall-1 4.0/1 4.1 Fragmented Packets DoS
No description provided by source. source: http://www.securityfocus.com/bid/1312/info By sending illegally fragmented packets directly to or routed through Check Point FireWall-1, it is possible to force the firewall to use 100% of available processor time logging these packets. The FireWall-1...
Galerie Dezign-Box France - Multiple Vulnerabilities
No description provided by source...
leaftec cms multiple vulnerabilities
No description provided by source. Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Höbel Version: Tested on: Debian etch CVE : Code : :: General information :: leaftec cms multiple vulnerabilities discovered :: by Valentin Höbel :: [email protected] ::...