112 matches found
WordPress Plugin spider Calendar - Multiple Vulnerabilities
Exploit Title: Wordpress spider calendar Plugin Multiple Vulnerabilities Dork: N/A Date: 02-10-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R Vendor: http://wordpress.org/extend/plugins/spider-calendar/ Version: 1.0.1 License: Non-Commercial Demo:...
VICIDIAL Call Center Suite 2.2.1-237 - Multiple Vulnerabilities
...:::::VICIDIAL call center suite Blind SQL Injection Vulnerability::::.... Sepahan TelCom IT Group septelcom ------------------------------------------------------- Date: 2012-09-07 Exploit Author: Sepahan TelCom IT Group septelcom Vendor Homepage: http://www.vicidial.org Software Link:...
Blogger.com vulnerability, Gaining Administrative Privileges on any Account !
Blogger.com vulnerability, Gaining Administrative Privileges on any Account ! In the last 2 months,Nir.Goldshlager participated in Google reward program and found some High, Serious vulnerabilities. The vulnerability that Nir.Goldshlager want to share first, Is a critical vulnerability in Blogger...
Sun Java System Communication Express CSRF via HPP
Hello, As a continuation of my advisory about "Sun Java System Communications Express Multiple HTML Injection Vulnerabilities" that can be found here: http://www.securityfocus.com/bid/34083/info, I would like to introduce another potential security threat in the same product and based on my...
Sun Java System Communications Express Multiple HTML Injection Vuln
Exploit for unknown platform in category web applications ============================================================================== Sun Java System Communications Express Multiple HTML Injection Vulnerabilities ============================================================================== As...
Sun Java System Communications Express XSRF
Hello, As a continuation of my advisory about "Sun Java System Communications Express Multiple HTML Injection Vulnerabilities" that can be found here: http://www.securityfocus.com/bid/34083/info, I would like to introduce another potential security threat in the same product and based on my...
CUPS < 1.4.2 kerberos Parameter XSS
According to its banner, the version of CUPS installed on the remote host is earlier than 1.4.2. The 'kerberos' parameter in such versions is not properly sanitized before being used to generate dynamic HTML content. An attacker can leverage this issue via a combination of attribute injection and...
CVE-2009-2820
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a...
Cross site scripting
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a...
CVE-2009-2820
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a...
ModSecurity 2.5.9 Filter Bypass
======================================================================== ModSecurity Core Rules HPP Filter Bypass Vulnerability ======================================================================== Affected Software : ModSecurity = 2.5.9 using ModSecurity Core Rules = 2.5-1.6.1 Author :...
ModSecurity <= 2.5.9 (Core Rules <= 2.5-1.6.1) Filter Bypass Vuln
Exploit for windows platform in category remote exploits ================================================================= ModSecurity = 2.5.9 Core Rules = 2.5-1.6.1 Filter Bypass Vuln ================================================================= Affected Software : ModSecurity = 2.5.9 using...