WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion

WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion Source: http://packetstormsecurity.org/files/view/98753/WordPressjQueryMegaMenu1.0-lfi.txt ------------------------------------------------------------------------ Software................WordPress jQuery Mega Menu 1.0...

WordPress jQuery Mega Menu 1.0 Local File Inclusion

------------------------------------------------------------------------ Software................WordPress jQuery Mega Menu 1.0 Vulnerability...........Local File Inclusion...

Уязвимости в xAjax и xajax_jquery_plugin

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Full path disclosure уязвимостях в xAjax и xajaxjqueryplugin. XSS WASC-08: http://site/cms/’;alertdocument.cookie;/ Это DOM Based XSS. Данная уязвимость в частности имеет место в MC Content Manager которая использует xAjax...

SA-CONTRIB-2010-093 - Advanced Taxonomy Blocks - Multiple Vulnerabilities

Advanced Taxonomy Blocks makes use of the JQuery menu module to create extremely customizable blocks for browsing through single hierarchy taxonomies. The module contained Cross Site Scripting vulnerabilities which could allow a malicious user with one of several non-default permissions to inject...

SA-CONTRIB-2010-092 - Advanced Book Blocks - Multiple Vulnerabilities

The Advanced Book Blocks module enables you to integrate with the API provided by the JQuery Menu module version 1.8 and higher to provide click and expand book menus with the ability to customize each block individually. The module contained Cross Site Scripting vulnerabilities which could allow...

Dynamic Portfolio Template Cross Site Scripting

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Dynamic Portfolio Template XSS Vulnerability Version:1.0 Platform:Linux, Windows Price:12$ Vendor url:http://themeforest.net Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer and to all ICW members...

SilverStripe < 2.3.6 Multiple Vulnerabilities

Binary data 5345.prm...

jQuery Validate 1.6.0 Demo Code Advisory

+----------------------------------------------+ ADVISORY – jQuery Validate 1.6.0 Demo Code AFFECTED PACKAGES jQuery Validate 1.6.0 SilverStripe 2.3.X to 2.3.5 Discovered By CodeScan.com +----------------------------------------------+ Vendor's Website:...

jQuery 2.3.5 Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications =============================================== jQuery 2.3.5 Cross Site Scripting Vulnerability =============================================== +----------------------------------------------+ ADVISORY jQuery Validate 1.6.0 Demo Code...

jQuery Validate 1.6.0 Cross Site Scripting

+----------------------------------------------+ ADVISORY – jQuery Validate 1.6.0 Demo Code AFFECTED PACKAGES jQuery Validate 1.6.0 SilverStripe 2.3.X to 2.3.5 Discovered By CodeScan.com +----------------------------------------------+ Vendor's Website:...

jQuery uploadify v2.1.0 Remote File Upload

No description provided by source. Exploit Title: jQuery uploadify v2.1.0 Remote File Upload Date: 21/01/2010 Author: k4cp3r/Ablus Version: v2.1.0 uploadify.swf Actionscript: function setAllowedTypes:void allowedTypes = ; if param.fileDesc && param.fileExt var fileDescs:Array =...

jQuery Uploadify 2.1.0 - Arbitrary File Upload

Exploit Title: jQuery uploadify v2.1.0 Remote File Upload Date: 21/01/2010 Author: k4cp3r/Ablus Version: v2.1.0 uploadify.swf Actionscript: function setAllowedTypes:void allowedTypes = ; if param.fileDesc && param.fileExt var fileDescs:Array = param.fileDesc.split'|'; var fileExts:Array =...

jQuery uploadify v2.1.0 Remote File Upload

Exploit for unknown platform in category web applications ========================================== jQuery uploadify v2.1.0 Remote File Upload ========================================== Exploit Title: jQuery uploadify v2.1.0 Remote File Upload Date: 21/01/2010 Author: k4cp3r/Ablus Version: v2.1....

Talk about browser sniffing and feature detection-vulnerability warning-the black bar safety net

| Talk about browser sniffing and feature detection --- Browser sniffing The first tips is to analyze the User Agent to obtain, for example, jQuery1. 3. 1 of the core. js: // Use of jQuery. browser is deprecated. // It's included for backwards compatibility and plugins, // although they should wo...

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

Design/Logic Flaw

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2379

CVE-2007-2379 affects the jQuery framework, where data is exchanged as JSON without an associated protection scheme. This enables JavaScript Hijacking: a remote attacker can obtain data by a page that retrieves it through a URL in the SRC attribute of a SCRIPT element and reads it with other Java...

CVE-2007-2379

Removed by vendor...