242 matches found
NewsDaemon remote administrator access
SUMMARY ------- In all versions of NewsDaemon prior to 0.21b released 25 Jan 2001, it is possible to spoof a global variable in an HTTP request and obtain administrator access remotely. NewsDaemon is the PHP-based Web Log software that runs http://daily.daemonnews.org/ a popular news and discussi...
netscape.4.x.java.txt
Netscape 4.x javascript security flaw Versions tested: Windows98/Netscape4.7,Windows95/Netscape4.05 Description: Credits to Henri Torgemane Netscape has a "persistent" navigator object, which means that any data put in the window.navigator object will be accessible to every other window as long a...