Lucene search
K

663 matches found

Packet Storm
Packet Storm
added 2013/12/27 12:0 a.m.19 views

Safari Phishing Alert Bypass

Abstract: The PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used. Details: There is a defense mechanism in Safari which recognizes URL deceits such as http://[email protected]. The phishing alert will be activated once the HTTP URL that we want to...

0.2AI score
Exploits0
Mozilla
Mozilla
added 2013/12/10 12:0 a.m.33 views

Application Installation doorhanger persists on navigation — Mozilla

Mozilla developer Myk Melez reported that with specifically timed page navigation, the doorhanger notification for Web App installation could persist from one site to another without being dismissed by the navigation. This could be used by a malicious site to trick a user into installing an...

5.8CVSS4AI score0.02138EPSS
Exploits1References2Affected Software1
ThreatPost
ThreatPost
added 2012/10/22 7:12 p.m.14 views

Open-Redirect Vulnerability, Fake Government URLs Duping Users

Spammers have recently taken advantage of an open-redirect vulnerability to phish users and trick them into clicking through links that appear to be coming from government .gov URLs. The scam relies on a malformed series of URLs that appear to be coming from 1.USA.gov, a collaboration between...

0.2AI score
Exploits0References4
Opera Security Advisories
Opera Security Advisories
added 2012/08/27 12:0 a.m.6 views

Truncated dialogs may be used to trick users – Opera Security Advisories

When an important dialog is being displayed, such as a download dialog, the entire dialog should be visible, so that the user can clearly see what the dialog’s buttons will do. In some cases, specific user interactions can cause Opera not to enforce this correctly, allowing the window to become...

5.8AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2012/08/01 12:0 a.m.8 views

Small windows can be used in several ways to trick users into executing downloads – Opera Security Advisories

When the download dialog is displayed, it should always be visible to the user, to ensure that the user realizes it is there. If the dialog is displayed in a small enough window, the user may not realize it is being displayed, and if the right keyboard sequence is carefully followed, they can end...

5.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/07/06 2:11 a.m.18 views

Google Disputes Claim of Android Botnet

Google is disputing statements from researchers at Microsoft and Sophos who this week warned that Android devices were sending spam through compromised Yahoo Mail accounts. In response, both now say they are further investigating their earlier claims. The idea of an international Android botnet...

0.9AI score
Exploits0References4
seebug.org
seebug.org
added 2012/06/16 12:0 a.m.106 views

IBM Rational AppScan 8.x/7.x 多个安全漏洞

CVE ID:...

10CVSS0.98113EPSS
Exploits53
Opera Security Advisories
Opera Security Advisories
added 2012/03/26 12:0 a.m.10 views

Overlapping content can trick users into executing downloads – Opera Security Advisories

Dialogs such as the download dialog are usually displayed on top of page content, to ensure that the user knows that the dialog is requesting attention. In some cases, this policy was not implemented correctly in Opera, allowing certain page content to overlay the dialog. In these cases, clicking...

5.8AI score
Exploits0References1
seebug.org
seebug.org
added 2012/02/10 12:0 a.m.23 views

aspcms 后台文件无验证注入+ cookies欺骗

简要描述: 后台文件 AspCmsAboutEdit.asp 未进行验证,且未过滤,导致SQL注入。而且纯在cookies欺骗! 详细说明: ————————后台注射————————...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/01/26 6:41 p.m.13 views

Fake CNBC's Website for Internet Fraud

Fake CNBC's Website for Internet Fraud The beauty of the Internet is that you can make a truckload of money out here. Yes, you really could quit your full time job if you work hard.The bad news is most people either don't want to work at it, or they buy into some scam that causes them to waste...

6.6AI score
Exploits0
seebug.org
seebug.org
added 2012/01/07 12:0 a.m.16 views

Google Chrome HTTPS地址栏欺骗漏洞

Google Chrome是一个由Google公司开发的开源网页浏览器。 Google Chrome 14和15在HTTPS地址栏的实现上存在欺骗漏洞,攻击者可利用此漏洞诱使用户访问恶意站点,泄露其证书和个人数据。 0 Google Chrome 15 Google Chrome 14 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com...

7AI score
Exploits0
seebug.org
seebug.org
added 2011/11/01 12:0 a.m.16 views

VMware ESX Server多个安全漏洞

VMware ESX 服务器是在通用环境下分区和整合系统的虚拟主机软件。它是具有高级资源管理功能高效,灵活的虚拟主机平台。 VMware ESX Server在实现上存在多个安全漏洞,可被本地恶意用户利用泄露敏感信息、操作某些数据、绕过某些安全限制、执行欺骗攻击、执行DNS投毒攻击。 VMWare ESX Server 4.x VMWare ESX Server 3.x 厂商补丁: VMWare ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.vmware.com...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/29 9:41 a.m.9 views

Hacking a Facebook Account using Facebook

Hacking a Facebook Account using Facebook Many of us know that phishing is also a trick to hack a facebook and session hijicking but hacker can do both at a same time. This vulnerability was happened on Facebook static FBML .Example here . Here you can get that Facebook FBML script : What user wi...

6.7AI score
Exploits0
myhack58
myhack58
added 2011/08/12 12:0 a.m.15 views

Polyethylene commercial po-2. 0 vulnerability-vulnerability warning-the black bar safety net

Program: A commercial po-2. 0 Download: http://down.chinaz.com/soft/21754.htm google keywords: intext:technical support:Ben Ming technology poly commercial po A few days ago to engage in Station I met a program called poly commercial treasure, the source code download here, today only have time t...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/04/08 12:0 a.m.15 views

Mandriva Linux Security Advisory : firefox (MDVSA-2011:068)

Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information...

5.5AI score
Exploits0References3
seebug.org
seebug.org
added 2011/03/03 12:0 a.m.17 views

Bo-Blog v2.1.1 COOKIE欺骗漏洞

No description provided by source...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2011/02/04 12:0 a.m.2 views

PT-2011-2022 · Oracle · Icedtea

Name of the Vulnerable Software and Affected Versions: IcedTea versions 1.7 through 1.7.7 IcedTea versions 1.8 through 1.8.4 IcedTea versions 1.9 through 1.9.4 Description: The issue allows remote attackers to trick users into executing code that appears to come from a trusted source, due to...

6.8CVSS6.5AI score0.02578EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2010/08/11 7:46 p.m.3 views

flash-plugin: multiple security flaws (APSB10-16)

Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "click-jacking" issue...

4.3CVSS5.8AI score0.03849EPSS
Exploits0References4
myhack58
myhack58
added 2010/07/28 12:0 a.m.24 views

Smart core management system through the kill vulnerability-vulnerability warning-the black bar safety net

Smart core management system of the pass to kill the loopholes, a few days ago happen to need to get a Chi Rui school management system Station download the intelligent core of the system see the following code, found in the ADMIN directory, the admincheck. asp file code is written this way is by...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/05/17 12:0 a.m.11 views

The latest news of the system through the kill vulnerability 0day-vulnerability warning-the black bar safety net

Use cokiess deceived into management background,google keyword inurl:newsmore. asp? lm2= 1. /admin/adminnewsplview. asp? id=1 //id of any fill in the following statement 2. Sometimes 1 display error message of time to go back 2, 3, and 4。。。。 3. |'+dfirst"user","admin"+chr1 2...

1.2AI score
Exploits0
Rows per page
Query Builder