Google to Hold Pwnium 2 Contest, Offers $2M in Rewards

Google has been handing out rewards to researchers who discover vulnerabilities in the company’s products and Web properties for several years now, both through its Chrome bug bounty program and its Pwnium contest at this year’s CanSecWest conference. Company officials say that the programs have...

Cross site scripting

Cross-site scripting XSS vulnerability in eFront 3.6.11 allows remote authenticated users to inject arbitrary web script or HTML via the subject box of a message...

CVE-2012-4270

Cross-site scripting XSS vulnerability in eFront 3.6.11 allows remote authenticated users to inject arbitrary web script or HTML via the subject box of a message...

McAfee Cross Site Scripting

Exploit Title: Mcafee XSS Date: 04.08.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: Php ------------------------------------------------------------------ http://www.mcafee.com/uk/mcafee-labs.aspx search box - Search the Threat Library "...

Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64

A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to safely display the content, causing Firefox to execute arbitrary JavaScript with the privileges of the user running...

A hotel CMS injection 0day-vulnerability warning-the black bar safety net

White-box in some sense, also TM is the individual force of life, the MVC framework let a person see uncomfortable. Test code: 1. http://www.xxx.com/index.php?m=liansuohotel&cityid=5 3%20and%2 0 1=2%20union%20select%2 0 1,concatusername,0x3a,password,3,4,5,6,7,8,9,1 0%20from%20zhunaadmin Copy the...

A hotel CMS sql inj 0day-vulnerability warning-the black bar safety net

White-box in some sense, also TM is the individual force of life, the MVC framework let a person see uncomfortable. poc: 1. index. php? m=liansuohotel&cityid=5 3%20and%2 0 1=2%20union%20select%2 0 1,concatusername,0x3a,password,3,4,5,6,7,8,9,1 0%20from%20zhunaadmin Copy the code Keywords: 1...

[SECURITY] Fedora 17 Update: vdr-1.7.27-2.fc17

VDR implements a complete digital set-top-box and video recorder. It can work with signals received from satellites DVB-S as well as cable DVB-C and terrestrial DVB-T signals. At least one DVB card is required to run VDR...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

No description provided by source. ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to return inside an ASCII...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

Exploit for windows platform in category local exploits ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to...

The Hulk Gets Hacked, Need Help from The Avengers

The Hulk Gets Hacked, Need Help from The Avengers The actor who plays Bruce Banner in smash hit The Avengers had his account taken over and even changed his username from @MRuff221 to @MarkRuffalo and proceeded to add some peculiar posts. Sunday the scene-stealing-actor's Twitter was hacked by a...

Jackie CMS (<=1.7) SQL injection vulnerability analysis-vulnerability warning-the black bar safety net

Jackie CMS Jieqi CMS is a novel system based CMS, currently the latest version is 1. 7, in the novel class of station use rate is still relatively high, these days took some time to look at his code, but quite interesting, to share with you a bit. The entire system of the core code is zend...

Jackie CMS (<=1.7) SQL injection vulnerability analysis-vulnerability warning-the black bar safety net

Jackie CMS Jieqi CMS is a novel system based CMS, currently the latest version is 1. 7, in the novel class of station use rate is still relatively high, these days took some time to look at his code, but quite interesting, to share with you a bit. The entire system of the core code is zend...

Fedora Update for drupal6-views_bulk_operations FEDORA-2011-13166

Check for the Version of drupal6-viewsbulkoperations OpenVAS Vulnerability Test Fedora Update for drupal6-viewsbulkoperations FEDORA-2011-13166 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

CVE-2012-1400

Unspecified vulnerability in the U+Box 2.0 Pad lg.uplusbox.pad application 2.0.8.4 for Android has unknown impact and attack vectors...

CVE-2012-1399

Unspecified vulnerability in the U+Box 2.0 lg.uplusbox application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors...

CVE-2012-1400

Unspecified vulnerability in the U+Box 2.0 Pad lg.uplusbox.pad application 2.0.8.4 for Android has unknown impact and attack vectors...

CVE-2012-1399

Unspecified vulnerability in the U+Box 2.0 lg.uplusbox application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors...

Code injection

Unspecified vulnerability in the U+Box 2.0 lg.uplusbox application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors...

Code injection

Unspecified vulnerability in the U+Box 2.0 Pad lg.uplusbox.pad application 2.0.8.4 for Android has unknown impact and attack vectors...