
4978 matches found

CNVD
added 2015/07/22 12:0 a.m., 1 view

Moodle JavaScript Code Injection Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in Moodle. An attacker can exploit this vulnerability ...

6.1 CVSS, 7.6 AI score, 0.00255 EPSS
Exploits: 0, References: 1
FreeBSD
added 2015/07/06 12:0 a.m., 32 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-15-0026: Possible phishing when redirecting to external site using referer header. CVE-2015-3272 MSA-15-0027: Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum CVE-2015-3273 MSA-15-0028: Possible XSS through custom...

7.4 CVSS, 5.9 AI score, 0.00347 EPSS
Exploits: 0, References: 4
Zero Day Initiative
added 2015/06/24 12:0 a.m., 14 views

(Pwn2Own) Apple OS X XSS Sandbox Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within certain URLs in the...

7.5 CVSS, 7 AI score
Exploits: 0, References: 1
Hacker One
added 2015/05/28 5:58 p.m., 30 views

Concrete CMS: No csrf protection on index.php/ccm/system/user/add_group, index.php/ccm/system/user/remove_group

crayons There is no csrf protection on index.php/ccm/system/user/add_group, and index.php/ccm/system/user/remove_group. A malicious POST request can be constructed to add or remove group membership from arbitrary users, if a logged-in admin surfs to a compromised site. For example, a registered use...

6.3 AI score
Exploits: 0
RedHat Linux
added 2015/05/13 1:36 p.m., 1 view

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface...

4.3 CVSS, 7.4 AI score, 0.00322 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2015/05/05 7:5 p.m., 1 view

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface...

4.3 CVSS, 7.4 AI score, 0.00322 EPSS
Exploits: 0, References: 4
exploitpack
added 2015/04/27 12:0 a.m., 12 views

WordPress 4.2 - Persistent Cross-Site Scripting

WordPress 4.2 - Persistent Cross-Site Scripting Source: http://klikki.fi/adv/wordpress2.html Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If...

6.8 AI score
Exploits: 0
RedHat Linux
added 2015/04/16 4:17 p.m., 4 views

mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages

A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface...

4.3 CVSS, 7.4 AI score, 0.00322 EPSS
Exploits: 0, References: 4
Hacker One
added 2015/04/03 11:21 a.m., 27 views

Snapchat: Vulnerable to JavaScript injection. (WXS) (Javascript injection)!

Vulnerable to JavaScript injection. WXS Description: JavaScript injected in activity: net.hockeyapp.android.UpdateActivity with injection String: document.getElementsByTagName('body')[0].setAttribute('style', 'background-color: red'); Recommended Solution: Local HTML modifications via malware or other...

0.4 AI score
Exploits: 0
myhack58
added 2015/03/28 12:0 a.m., 14 views

Firefox 31 to 34 remote command execution vulnerability analysis

0x00 Preface Some time ago, the brother in a lot of the browser in the script-level vulnerabilities upgrade for remote command execution, almost daily all over the market on all domestic browser, which has become many people relish topic. Indeed, in today's this underlying security growing...

7.9 AI score
Exploits: 0
Exploit DB
added 2015/03/24 12:0 a.m., 59 views

Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 'Firefox Proxy Prototype Privileged Javascript Injection', 'Description' = %q This exploit gains...

7.5 CVSS, 7.8 AI score, 0.83612 EPSS
Exploits: 4
Metasploit
added 2015/03/23 6:44 p.m., 57 views

Firefox Proxy Prototype Privileged Javascript Injection

This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability. This module requires Metasploit:...

7.5 CVSS, 9.5 AI score, 0.83612 EPSS
Exploits: 7
The Hacker News
added 2015/03/21 6:38 p.m., 11 views

Chrome, Firefox, Safari and IE – All Browsers Hacked at Pwn2Own Competition

The Annual Pwn2Own Hacking Competition 2015 held in Vancouver is over and participants from all over the world nabbed $557,500 in bug bounties for 21 critical bugs in top four web browsers as well as Windows OS, Adobe Reader and Adobe Flash. During the second and final day of this year’s hacking...

7.4 AI score
Exploits: 0
Snyk
added 2015/03/17 9:26 a.m., 2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The $http service allows JSONP requests with untrusted URLs, which could be exploited by an attacker. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicio...

6.5 CVSS, 5.4 AI score
Exploits: 0, References: 2
phpMyAdmin
added 2015/03/04 12:0 a.m., 51 views

Risk of BREACH attack due to reflected parameter.

PMASA-2015-1 Announcement-ID: PMASA-2015-1 Date: 2015-03-04 Summary Risk of BREACH attack due to reflected parameter. Description With a large number of crafted requests it was possible to infer the CSRF token by a BREACH attack. Severity We consider this vulnerability to be non critical...

5 CVSS, 7.2 AI score, 0.00916 EPSS
Exploits: 0, Affected Software: 1
FreeBSD
added 2015/03/04 12:0 a.m., 39 views

phpMyAdmin -- Risk of BREACH attack due to reflected parameter

The phpMyAdmin development team reports: Risk of BREACH attack due to reflected parameter. With a large number of crafted requests it was possible to infer the CSRF token by a BREACH attack. Mitigation factor: this vulnerability can only be exploited in the presence of another vulnerability that...

5 CVSS, 6.3 AI score, 0.00916 EPSS
Exploits: 0, References: 1
Hacker One
added 2015/02/09 6:23 p.m., 11 views

InVision: Javascript Injection

In this webpage: █████████, the URL that is being loaded is listed as a meta property: html The problem is that when additional text is appended to the end of the URL, like this html , it is displayed as part of the HTML. By adding a quotation mark and closing the metaproperty tag like so: html "...

6.2 AI score
Exploits: 0
Hacker One
added 2015/01/18 10:18 a.m., 35 views

Vimeo: Application XSS filter function Bypass may allow Multiple stored XSS

Hi, As I analysed the application behavior and the security structure, I found out that the application is using "Greedy XSS Regex filter" against XSS and removes any the whole string from ''. So I tried some basic bypass which allowed me to insert tags and other characters into the string. Here ...

5.8 AI score
Exploits: 0
Hacker One
added 2015/01/05 7:13 p.m., 19 views

Vimeo: Vimeo.com - reflected xss vulnerability

Hi. I want to report a Reflected xss vulnerability that I found in www.vimeo.com website and which can affect the safety of your users. This vulnerability allows an attacker to inject in web pages javascript content for sending malicious scripts to an unsuspecting user. This flaw can access any...

6.6 AI score
Exploits: 0
Packet Storm
added 2014/12/22 12:0 a.m., 85 views

eBay.com ocsnext CSS Injection

Exploit Title: eBay.com ocsnext sub-domain Reflected CSS injection Date: 20/12/2014 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.ebay.com Version: / Category: Reflected CSS injection Google dork: Tested on: eBay.com ocsnext sub-domain Adobe description :...

7.4 AI score
Exploits: 0