1062 matches found
CVE-2009-4949
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4949
Summary (CVE-2009-4949): The TYPO3 Store Locator extension, prior to version 1.2.8, is affected by an SQL injection that enables remote attackers to execute arbitrary SQL commands via unspecified vectors. The vulnerability is confirmed across multiple sources (NVD, Red Hat, CVE records) and is li...
CVE-2009-4948
The vulnerability CVE-2009-4948 affects the TYPO3 Store Locator extension prior to version 1.2.8, where an XSS flaw allows remote attackers to inject arbitrary script or HTML via unspecified vectors. The root cause is an input/output handling flaw in the extension that fails to neutralize user-su...
CVE-2009-4949
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4948
Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Store Locator - Cross-Site Request Forgery (Add Admin)
Store Locator - Cross-Site Request Forgery Add Admin vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs...
Store Locator - Cross-Site Request Forgery (Add Admin)
vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek AnD all Tunisian hacke...
Store Locator Remote Add Admin Exploit CSRF Vulnerability
Exploit for php platform in category web applications ========================================================= Store Locator Remote Add Admin Exploit CSRF Vulnerability ========================================================= vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: :::::::...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "A21glossary Advanced Output" a21glossaryadvancedoutput, "ClickStream Analyzer output" alternetcsaout, "Directory Listing" dirlisting, "Store Locator" locator, "Userdata Create/Edit" sguserdata, "Versatile...
Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
We just want to make a public warning to those users of Motorola/Netopia Timbuktu Remote Control Software who are using the Internet Locator service. This service allows to locate any Timbuktu's user just by knowing the email. More than five months ago we notified Netopia's customer support...
timbuktu-pwn.txt
We just want to make a public warning to those users of Motorola/Netopia Timbuktu Remote Control Software who are using the Internet Locator service. This service allows to locate any Timbuktu's user just by knowing the email. More than five months ago we notified Netopia's customer support...
Design/Logic Flaw
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator Validation Error...
Microsoft Office OneNote URL Validation Error (MS08-055; CVE-2008-3007)
Microsoft Office OneNote is a tool for note-taking, information gathering, and multi-user collaboration that visualizes notes as a two-dimensional page. A remote code execution vulnerability has been reported in the way that Microsoft Office handles specially crafted OneNote files. The...
Unfixed XSS vulnerability at www.dairyqueen.com
Security researcher SnS, has submitted on 06/04/2008 a cross-site-scripting XSS vulnerability affecting www.dairyqueen.com, which at the time of submission ranked 52377 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/06/2008. It is currently...
CVE-2008-0819
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...
Directory traversal
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...
CVE-2008-0819
CVE-2008-0819 concerns a directory traversal vulnerability in PlutoStatus Locator 1.0 pre alpha. The flaw resides in index.php and allows remote attackers to include and execute arbitrary local files by supplying a .. (dot dot) sequence in the page parameter. Documented impact indicates local fil...
CVE-2008-0819
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...