CumulusClips 2.4.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: CumulusClips Session fixation Google Dork: inurl:/cumulusclips/videos/ Date: 2.09.2016 Exploit Author: kor3k / Łukasz Korczyk Vendor Homepage: http://cumulusclips.org/ Software Link: http://cumulusclips.org/cumulusclips.zip...

CumulusClips 2.4.1 - Multiple Vulnerabilities

Exploit Title: CumulusClips Session fixation Google Dork: inurl:/cumulusclips/videos/ Date: 2.09.2016 Exploit Author: kor3k / Łukasz Korczyk Vendor Homepage: http://cumulusclips.org/ Software Link: http://cumulusclips.org/cumulusclips.zip Version: 2.4.1 Tested on: Debian Jessie Description:...

CumulusClips 2.4.1 Code Execution / CSRF / Cross Site Scripting

Exploit Title: CumulusClips Session fixation Google Dork: inurl:/cumulusclips/videos/ Date: 2.09.2016 Exploit Author: kor3k / Aukasz Korczyk Vendor Homepage: http://cumulusclips.org/ Software Link: http://cumulusclips.org/cumulusclips.zip Version: 2.4.1 Tested on: Debian Jessie Description:...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-704)

This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...

Security update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 47 fixes the following issues boo983549: Security fixes: - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free deletin...

[SECURITY] Fedora 22 Update: icecat-38.3.0-10.fc22

GNUZilla Icecat is a fully-free fork of Mozilla Firefox. Four extensions are included to this version of IceCat: LibreJS 6.0.10.20150620 GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. SpyBlock 2.6.9.0 Blocks privacy trackers while i...

[SECURITY] Fedora 23 Update: icecat-38.3.0-10.fc23

GNUZilla Icecat is a fully-free fork of Mozilla Firefox. Four extensions are included to this version of IceCat: LibreJS 6.0.10.20150620 GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. SpyBlock 2.6.9.0 Blocks privacy trackers while i...

WordPress HTML5 Video Player with Playlist plugin Multiple XSS Vulnerabilities

WordPress HTML5 Video Player with Playlist Plugin is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2014-4534

Multiple cross-site scripting XSS vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 theme or 2 playlistmod parameter...

CVE-2014-4534

The CVE-2014-4534 entry covers multiple XSS vulnerabilities in the WordPress plugin “HTML5 Video Player with Playlist” (versions up to and including 2.4.0). Vulnerable component: videoplayer/autoplay.php; attacker can inject arbitrary script/HTML via the (1) theme or (2) playlistmod parameter. Im...

WordPress Plugin JW Player for Flash & HTML5 Video - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/67954/info JW Player for Flash & HTML5 Video is a Plugin for WordPress is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. JW...

MozillaFirefox: Update to version 15 (critical)

Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...