108 matches found
Design/Logic Flaw
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
CVE-2015-2974
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
Google Drive executable script can be used for phishing - vulnerability warning - the black bar safety net
An Indian security researcher, Ansuman, found that HTML uploaded to Google Drive can be executed, which can be used for phishing Google users. Process: log in to Google Drive and upload an HTML file; here Ansuman's original file is used for the test: html, body, form...
Content-Disposition: attachment ignored if Content-Type: multipart also present
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, do not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS)...
tomcat host manager XSS
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script o...
phpBB v 2.0.X upload html .gif ( "not 2.0.19" )
SpiderZ ForumZ Security = Author: SpiderZ = phpBB v 2.0.X upload html .gif "not 2.0.19" = Site: www.spiderz.tk 1. Register on the following forum 2. Log in with your details 3. Go to "Profile", then to "Upload avatar from PC:" 4. Prepare your page...
Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure
Source: https://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows...
Hummingbird Collaboration - Crafted URL File Property Obscuration Download
Source: https://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote...