idsrv.sendwordnow.ca Open Redirect vulnerability

Vulnerable URL: https://idsrv.sendwordnow.ca/localization?lang=zh-TW=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 08:26 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Ran...

Eye Localization - External URLs, Native code usage, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Eye Localization published at the 'play' market has multiple vulnerabilities...

Code injection

The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by placing one of these characters at the end of a...

WordPress Plugin Codestyling Localization Has Multiple Input Validation Vulnerabilities

WordPress is the WordPress Software Foundation's set of blogging platform using the PHP language development, the platform supports in PHP and MySQL server set up personal blog site.Codestyling Localization is one of the localization language development translation package plugin. A cross-site...

Codestyling Localization <= 1.99.30 - Multiple CSRF

Plugin is still affected and has been closed...

WordPress Backend Localization Plugin <= 1.6.1 - Cross Site Scripting

This plugin is prone to options-general.php kau-boysbackendlocalizationlanguage parametercross site scripting vulnerability. Solution Update the plugin...

WordPress Backend Localization Plugin <= 1.6.1 - Cross Site Scripting

This plugin is prone to options-general.php kau-boysbackendlocalizationlanguage parameter and wp-login.php kau-boysbackendlocalizationlanguage parameter cross site scripting vulnerability. Solution Update the plugin...

WordPress Code Styling Localization Plugin <= 1.99.17 - XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

CVE-2015-0845

Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates...

Format string

Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates...

CVE-2015-0845

Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates...

CVE-2015-0845

The CVE-2015-0845 vulnerability affects Movable Type family (Pro, Open Source, Advanced) with a format-string injection in the localisation of templates, enabling unauthenticated remote code execution as the web server user. Publicly documented activity indicates exploitation via template localiz...

CVE-2015-0845

Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates...

CVE-2015-1142

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...

Code injection

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...

CVE-2015-1142

CVE-2015-1142 affects Apple OS X LaunchServices prior to 10.10.3, where crafted localization data can trigger a local denial-of-service (Finder crash). The NVD entry lists the impact as Denial of Service with partial availability impact, and the recommended remediation is to update to the latest ...

CVE-2 0 1 1-2 4 6 1 principles of analysis and case studies-vulnerability and early warning-the black bar safety net

0x00 vulnerability background From the CVE numbers it can be seen that this vulnerability has been for some years 1。 Because this vulnerability occurs in the Flex SDK, rather than the Flash Player. So for developers, as long as they used to have the defects of the Flex SDK to compile FLASH, then ...

Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability

Document Title: =============== Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1447 Release Date: ============= 2015-03-13 Vulnerability Laboratory ID VL-ID: ====================================...

Ghiro 0.2 - Automated Digital Image Forensics Tool

Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them...

CVE-2014-3627

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...