Various Applications Include ZeroClipboard XSS

Hello list! These are Cross-Site Scripting vulnerabilities in YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in...

[USN-1722-1] jQuery vulnerability

========================================================================== Ubuntu Security Notice USN-1722-1 February 13, 2013 jquery vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu Update for jquery USN-1722-1

Check for the Version of jquery OpenVAS Vulnerability Test $Id: gbubuntuUSN17221.nasl 8494 2018-01-23 06:57:55Z teissa $ Ubuntu Update for jquery USN-1722-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...

Ubuntu: Security Advisory (USN-1722-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS / 11.10 : jquery vulnerability (USN-1722-1)

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting XSS issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify...

USN-1722-1: jQuery vulnerability

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting XSS issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify...

Joomla Component com_facileforms shell upload Vulnerability

The attacker can uplaod any file/shell.php .phtml .aspx .pl ...... 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS,...

CVE-2011-4969

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Cross-site scripting Various core and contributed modules - Drupal 6 and 7 A reflected cross-site scripting vulnerability XSS was identified in certain Drupal JavaScript functions that pass unexpected user input in...

TYPO3 T3 jQuery Extension任意PHP代码执行漏洞

BUGTRAQ ID: 57280 Typo3是开源内容管理系统（CMS）和内容管理框架（CMF）。 TYPO3 T3 jQuery 2.2.0及之前版本对用户控制的输入使用了 "unserialize"，可被利用执行任意PHP代码。 0 TYPO3 T3 jQuery extension = 2.2.0 厂商补丁： TYPO3 ----- TYPO3已经为此发布了一个安全公告（typo3-ext-sa-2013-001）以及相应补丁: typo3-ext-sa-2013-001：TYPO3-EXT-SA-2013-001: Several vulnerabilities in thir...

Uploadify jQuery Generic File Upload

No description provided by source. Title : Uploadify jQuery Generic File Upload Metasploit Author : KedAns-Dz E-mail : ked-h @hotmail.com / @1337day.com Home : Hassi.Messaoud 30500 - Algeria -00213555248701 Web Site : www.1337day.com .net .org FaCeb0ok : http://fb.me/Inj3ct0rK3d Friendly Sites :...

Uploadify jQuery Generic File Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Uploadify jQuery Generic File Upload (Metasploit)

This module exploits an arbitrary File Upload and Code Execution flaw Uploadify script jQuery Multiple File Upload, the vulnerability allows for arbitrary file upload and remote code execution POST Data to Vulnerable uploadify.php in any CMS/SCRIPT use Uploadify. Some Joomla, WordPress,...

JQuery Tooltip Cross Site Scripting

/ Author: Claudio Contin XSS bug on http://www.jquerytools.org/ tooltip component / Tooltip component doesn't sanitize html passed to the 'title' element, even though the html is already sanitized before been passed to tooltip class. Cross site scripting is possible if user has control of the inp...

Joomla! Component com_movm - SQL Injection

Joomla! Component commovm - SQL Injection Exploit Title: Joomla commovm SQL Injection Date: 31-07-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R site: http://poisonsecurity.wordpress.com/ Vendor: http://www.movm.net/ Version: 1.0 Date Added 28 July 2012 License: Commercial $ 49.99 us Demo...

Pritlog v0.821 CMS - Multiple Web Vulnerabilities

Title: ====== Pritlog v0.821 CMS - Multiple Web Vulnerabilities Date: ===== 2012-04-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=534 VL-ID: ===== 534 Introduction: ============= PRITLOG is an extremely simple, small 500K uncompressed and powerful blog system. It...

EmbryoCore CMS 1.03 SQL Injection

Title: ====== EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Date: ===== 2012-04-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=503 VL-ID: ===== 503 Introduction: ============= EmbryoCore is a blog / content management system written using PHP5 s newest feature...

EmbryoCore CMS v1.03 Multiple Web Vulnerabilities

Exploit for php platform in category web applications Title: ====== EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities Introduction: ============= EmbryoCore is a blog / content management system written using PHP5 s newest features. Highly customizable, XHTML:Strict compliant, with full...

EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities

Document Title: =============== EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=503 Release Date: ============= 2012-04-13 Vulnerability Laboratory ID VL-ID: ==================================== 503...

EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities

Document Title: =============== EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=503 Release Date: ============= 2012-04-13 Vulnerability Laboratory ID VL-ID: ==================================== 503...