Squiz Matrix User Enumeration Scanner

This module attempts to enumerate remote users that exist within the Squiz Matrix and MySource Matrix CMS by sending GET requests for asset IDs e.g. ?a=14 and searching for a valid username eg "root" or "test" which is prefixed by a "" in the response. It will also try to GET the users full name ...

ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability

ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-316 October 27, 2011 -- CVE ID: CVE-2011-3251 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...

Oracle Critical Patch Update - October 2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

CVE-2010-4901

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

CVE-2010-4901

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

CVE-2010-4901

The CVE-2010-4901 issue affects MySource Matrix 3.28.3 (Squiz) where the height (and width) parameter passed to char_map.php is not properly sanitized, enabling remote XSS. Public details describe a remote reflected XSS via these parameters, with vulnerable version 3.28.3 and vendor remediation s...

Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

Squiz Matrix - Cross-Site Scripting Vulnerability

Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application...

Squiz Matrix 4.0.6 / 4.2.2 Cross Site Scripting

Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application...

Squiz Matrix 4 - colour_picker.php Cross-Site Scripting

Squiz Matrix 4 - colourpicker.php Cross-Site Scripting source: https://www.securityfocus.com/bid/48118/info Squiz Matrix is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48118/info Squiz Matrix is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

CVE-2010-4639

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4639

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4639

CVE-2010-4639 corresponds to a SQL injection vulnerability in the MySource Matrix product, specifically in index.php where the id parameter can be manipulated to execute arbitrary SQL commands remotely. The entry has a CVSS v2 base score of 7.5 (HIGH) with network attack vector, low complexity, a...

AJ Matrix DNA SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================= AJ Matrix DNA SQL Injection Vulnerability ========================================= !usr/bin/perl...

AJ Matrix DNA - SQL Injection

AJ Matrix DNA - SQL Injection !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: AJ Matrix DNA | -Site: http://www.ajsquare.com/ajhome.php | -Bug: Sql Injection | -Found: by Br0ly | -BRAZIL D |...

AJ Matrix DNA SQL Injection

!usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: AJ Matrix DNA | -Site: http://www.ajsquare.com/ajhome.php | -Bug: Sql Injection | -Found: by Br0ly | -BRAZIL D | -Contact: br0lydotCodeatgmaildotcom ...

AJ Matrix DNA - SQL Injection

!/usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: AJ Matrix DNA | -Site: http://www.ajsquare.com/ajhome.php | -Bug: Sql Injection | -Found: by Br0ly | -BRAZIL D | -Contact: br0lydotCodeatgmaildotcom...