3838 matches found
CVE-2009-4520
The vulnerability CVE-2009-4520 affects the Drupal CCK Comment Reference module. Affected versions are 5.x before 5.x-1.2 and 6.x before 6.x-1.3. The issue allows remote attackers to bypass access controls and read comments by abusing the module’s autocomplete path. Remediation requires upgrading...
CVE-2009-4520
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path...
Joomla! Component MS Comment 0.8.0b - Security Bypass Cross-Site Scripting
Joomla! Component MS Comment 0.8.0b - Security Bypass Cross-Site Scripting source: https://www.securityfocus.com/bid/38250/info The MS Comment component for Joomla! is prone to a security-bypass vulnerability because it fails to properly sanitize user-supplied input. The component is also prone t...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a blog via the addblog action, (2) approve a comment via the approvecomment action, (3) change administrator...
CVE-2009-4365
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a blog via the addblog action, (2) approve a comment via the approvecomment action, (3) change administrator...
ReVou Micro Blogging Cross Site Scripting
ReVou Micro Blogging Cross Site Scripting + Author : AnTi SeCuRe + Email : [email protected] + Site : www.vxx9.cc + Team : SauDi ViRuS TeaM + Script : ReVou Micro Blogging How To Do It : 1- Sign up 2- Sign in 3-...
Ez Blog 1.0 XSS / XSRF
Title: Ez Blog XSS/XSRF Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 15. December 2009...
Ez Blog v1.0 (XSS/XSRF) Multiple Vulnerabilities
No description provided by source. Title: Ez Blog XSS/XSRF Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 15. December 2009...
Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery
Title: Ez Blog XSS/XSRF Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 15. December 2009...
oBlog Persistent XSS CSRF Admin Bruteforce
No description provided by source. Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip Author of this full disclosure: Milos Zivanovic...
Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps) Overlong DSC Comment Buffer Overflow Exploit
<?php /* Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC comment more than 42000 bytes results in a direct EIP overwrite. Exception is...
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Local Buffer Overflow
<?php /* Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC comment more than 42000 bytes results in a direct EIP overwrite. Exception is...
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript .eps Local Buffer Overflow
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript .eps Local Buffer Overflow <?php /* Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC...
CVE-2009-4091
comments.php in Simplog 0.9.3.2, and possibly earlier, does not properly restrict access, which allows remote attackers to edit or delete comments via the (1) edit or (2) del action...
Simplog 0.9.3.2 XSS / XSRF
Multiple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog 0.9.3.2 and possibly earlier versions Download http://sourceforge.net/projects/simplog/files/simplog/0.9.3.2/simplog-0.9.3.2.tar.gz/download Author Amol Naik amolnaik4atgmail.com Date...
Telepark Wiki v2.4.23 Multiple Remote Vulnerabilities
No description provided by source. Abysssec Inc Public Advisory Title : Telepark Wiki Multiple Remote Vulnerabilities Affected Version : = v2.4.23 Vendor Site : www.teamtodo.com Discovery : www.Abysssec.com Vendor contact : 8 november Vendor response : 9 november patch is available in vendor...
Simplog 0.9.3.2 - Multiple Vulnerabilities
Simplog 0.9.3.2 - Multiple Vulnerabilities Multiple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog 0.9.3.2 and possibly earlier versions Download http://sourceforge.net/projects/simplog/files/simplog/0.9.3.2/simplog-0.9.3.2.tar.gz/download...
Simplog v0.9.3.2 Multiple Vulnerabilities
Exploit for unknown platform in category web applications Simplog v0.9.3.2 Multiple Vulnerabilities Multiple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog...
Simplog 0.9.3.2 - Multiple Vulnerabilities
Multiple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog 0.9.3.2 and possibly earlier versions Download http://sourceforge.net/projects/simplog/files/simplog/0.9.3.2/simplog-0.9.3.2.tar.gz/download Author Amol Naik amolnaik4atgmail.com Date...
Simplog v0.9.3.2 Multiple Vulnerabilities
No description provided by source. Multiple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog 0.9.3.2 and possibly earlier versions Download http://sourceforge.net/projects/simplog/files/simplog/0.9.3.2/simplog-0.9.3.2.tar.gz/download Author Amo...