CVE-2009-2154

SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

CVE-2009-2153

Cross-site scripting XSS vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...

CVE-2009-2153

Cross-site scripting XSS vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...

CVE-2009-2154

SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

CVE-2009-2153

CVE-2009-2153 affects Impleo Music Collection 2.0 (index.php). The vulnerability is a cross-site scripting (XSS) flaw in the sort parameter, enabling remote attackers to inject arbitrary web script or HTML. No further root-cause details are provided beyond the description; exploitation details ar...

CVE-2009-2153

Cross-site scripting XSS vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...

CVE-2009-2154

CVE-2009-2154 describes a SQL injection in Impleo Music Collection 2.0: vulnerable component is admin/login.php, trigger via username when magic_quotes_gpc is disabled. Remote attackers can execute arbitrary SQL commands. CVSS v2 base score 6.8 (MEDIUM). No remediation details are provided in the...

CVE-2009-2154

SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

Impleo Music Collection 2.0 XSS / SQL Injection

Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off - Vulnerable code in /admin/login.php...

impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting

Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off - Vulnerable code in /admin/login.php...

Impleo Music Collection 2.0 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. + Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off - Vulnerable code in...

impleo music Collection 2.0 - SQL Injection Cross-Site Scripting

impleo music Collection 2.0 - SQL Injection Cross-Site Scripting + Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off ...

Impleo Music Collection 2.0 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities ===================================================================== + Impleo Music Collection 2.0...

Design/Logic Flaw

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

CVE-2009-1838

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

Cormac Herley on the Underground Economy, IRC Economics and the Externalities of Cybercrime

Dennis Fisher talks with Cormac Herley of Microsoft Research about the paper he co-authored on the realities of the underground economy, why sales of stolen credit cards resemble a market for lemons and how we can get better data on cybercrime activities. Podcast audio courtesy of sykboy65 Downlo...

Firefox < 3.0.11 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.11. Such versions are potentially affected by the following security issues : - Multiple memory corruption vulnerabilities could potentially be exploited to execute arbitrary code. MFSA 2009-24 - Certain invalid Unicode characters, when used as...

Firefox arbitrary code execution flaw

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

ZDI-09-034: Apple Safari SVG Set.targetElement&#40;&#41; Memory Corruption Vulnerability

ZDI-09-034: Apple Safari SVG Set.targetElement Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-034 June 8, 2009 -- CVE ID: CVE-2009-1709 -- Affected Vendors: Apple -- Affected Products: Apple Safari -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

my-colex 1.4.2 SQL Injection / XSS

------------------------------------------------------- MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2-- ------------------------------------------------------- CMS INFORMATION: --WEB: http://www.collector.ch/drupal5/index.php --DOWNLOAD: http://www.collector.ch/drupal5/?q=node/11 --DEMO:...