wordpress -- multiple vulnerabilities
The WordPress development team reports: Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site; Disallow contributors from improperly publishing posts; An update to the SWFUpload external library to fix cross-site scripting vulnerabilities...
user_defined_regex
This plugin greps every response for a user defined regex. You can specify a single regex or an entire file of regexes, one regex per line. If both are specified, the single regex will be added to the list of regular expressions extracted from the file. A list of example regular expressions can be...
ssl_certificate
This plugin audits SSL certificate parameters. One configurable parameter exists: minExpireDays CA PEM file path Note: It's only useful when testing HTTPS sites. Plugin type Audit Options Name | Type | Default Value | Description | Help ---|---|---|---|--- minExpireDays | integer | 30 | Set minim...
Simple Posting System Final LFI/XSS/FPD Vulnerabilities
Simple Posting System suffers from multiple vulnerabilities including LFI/XSS/FPD +-- LFI --+ http://localhost/sps.php?old=../../../../../../../../../../../../../../../../../etc/passwd%00 +-- Persistent XSS --+ Vulnerable Field = "Homepage" Payload syntax: alert'XSS'; +-- FPD --+...
The PHP file contains the exploit-vulnerability warning-the black bar safety net
A, PHP configuration in the file contain the use of The file contains a vulnerability that when the programmer in the include file of the process is introduced in the external data submitted by participating in the procedures included the generation of vulnerability, this vulnerability is current...
Cunity 1.0b - XSS/FileUpload Vulnerabilities
Exploit for php platform in category web applications...
South Korea HOMPYNET CMS vulnerability-vulnerability warning-the black bar safety net
Upload vulnerability : http://www.xxx.com/admin/imageadmin3.php?boardid=&iname=&iform= http://www.xxx.com/admin/imageadmin2.php?boardid=&iname=&iform= Uploaded posterior diameter: http://www.xxx.com/biswebpage/images/shell.php.en Editor: http://www.xxx.com/admin/editor/SWE.php...
SuSE Update for Chromium openSUSE-SU-2012:1637-1 (Chromium)
Check for the Version of Chromium OpenVAS Vulnerability Test $Id: gbsuse201216371.nasl 8494 2018-01-23 06:57:55Z teissa $ SuSE Update for Chromium openSUSE-SU-2012:1637-1 Chromium Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
[slackware-security] pidgin (SSA:2013-044-01)
slackware-security pidgin SSA:2013-044-01 New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog:...
Java write file file name 0 0 truncation BUG that caused file upload vulnerability and fix-vulnerability warning-the black bar safety net
Java in the above two environments to write the files, because 0 0 is truncated and not correct for the new generated file name. For example, the user needs to username abc. jsp . jpg, but after 0 0 after truncation, the resulting file name becomes the abc. jsp , therefore we are in relation to t...
Feindura CMS v2.0.4 <= (thumbnail) File Upload Vulnerability
The bug is a 0day in Feindura CMS v2.0.4: when using Thumbnail to upload images, an attacker can upload a remote and big file/webShell (100mb .gif) to the target...
NGS000330 Technical Advisory: Squiz CMS File Path Traversal
======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published ======== TimeLine ========...
CVE-2012-5138
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors...
CVE-2012-5138
CVE-2012-5138 affects Chromium; the issue is incorrect file path handling. Public references in openSUSE/SUSE advisories show this CVE is included in the Chromium updates. The connected documents indicate a remediation path via upgrading Chromium to newer releases (e.g., openSUSE/SU-2012:1637-1,...
Google Chrome Multiple Vulnerabilities-02 Dec2012 (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02dec12win.nasl 5940 2017-04-12 09:02:05Z teissa $ Google Chrome Multiple Vulnerabilities-02 Dec2012 Windows Authors: Antu Sanadi Copyright: Copyright (c) 2012...
sanlock world writable /var/log/sanlock.log
The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...
Google Chrome Multiple Vulnerabilities-02 Dec2012 (Linux)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02dec12lin.nasl 5999 2017-04-21 09:02:32Z teissa $ Google Chrome Multiple Vulnerabilities-02 Dec2012 Linux Authors: Antu Sanadi Copyright: Copyright (c) 2012...
Google Chrome Multiple Vulnerabilities-02 Dec2012 (Mac OS X)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02dec12macosx.nasl 5956 2017-04-14 09:02:12Z teissa $ Google Chrome Multiple Vulnerabilities-02 Dec2012 Mac OS X Authors: Antu Sanadi Copyright: Copyright (c) 20...
Two High-Risk Flaws Fixed in Google Chrome 23
Google has fixed two bugs in its Chrome browser, including a high-severity vulnerability in its media handler that a researcher named Pinkie Pie discovered. The bug, which is different from another use-after-free vulnerability the researcher used in the Pwnium contest at Hack in the Box in Octobe...
Squiz CMS 11654 File Path Traversal
======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published ======== TimeLine ======== Discovered: 29 June 2012 Release...