Drupal OG Menu Module XSS Vulnerability

No description provided by source. OG Menu 6.x-2.0 XSS Vulnerability CVE-2010-1747 This disclosure has also been posted at http://madirish.net/?article=467 Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in P...

SA-CONTRIB-2010-073 - Multiple Vulnerabilities In Multiple Contributed Modules

Versions affected and proposed solutions Simple Gallery for Drupal 6.x This module creates a simple gallery using taxonomy and CCK imagefields. The module is vulnerable to a Cross Site Scripting XSS attack. This can be exploited by users with the ability to add taxonomy terms or tag content...

Joomla Canteen Local File Inclusion

Name : Joomla comcanteen LFI Vulnerability Date : july 9,2010 vendor URL :http://miniwork.eu/ Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to :www.topsecure.net ,All ICW members and my friends : luv y0 guyz...

RDot Menu (FireFox Extension)

FireFox RDot Menu v.1.0 Менюшка к ФФ для удобной и быстрой работы с сайтом и форумом rdot.org Предложения по дизу, добавлению ссылок и юзабилити приветствуются...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0358-2)

Mozilla Firefox was updated to version 3.5.10, fixing various bugs and security issues. MFSA 2010-33 / CVE-2008-5913: Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random. Since the pseudo-random number generator was only seeded once...

Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities

Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities Name Canteen Vendor http://www.miniwork.eu Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-04-07 X. INDEX I. ABOUT THE APPLICATION II...

Use-after-free error in nsCycleCollector::MarkRoots() — Mozilla

Security researcher wushi of team509 reported that the frame construction process for certain types of menus could result in a menu containing a pointer to a previously freed menu item. During the cycle collection process, this freed item could be accessed, resulting in the execution of a section...

Acuity CMS 2.7.1 - SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

SA-CONTRIB-2010-052 - Multiple vulnerabilities in multiple contributed modules

Versions affected and proposed solutions Private Message versions for the 5.x versions of Drupal The Privatemsg also known as Private Message module enables messages to be sent internally on a site. The module is vulnerable to cross-site request forgeries CSRF via it's message delete form. This...

Joomla! Component com_PHP 0.1 - Local File Inclusion

Joomla! Component comPHP 0.1 - Local File Inclusion Joomla Custom PHP Pages Component LFI Vulnerability ===================================================== - Discovered by : Chip D3 Bi0s - Email : [email protected] - Date : 2010-05-11 - Where : From Remote ----------------------------------...

Joomla! Component com_PHP 0.1 - Local File Inclusion

Joomla Custom PHP Pages Component LFI Vulnerability ===================================================== - Discovered by : Chip D3 Bi0s - Email : [email protected] - Date : 2010-05-11 - Where : From Remote ---------------------------------- Affected software description Application : Joomla...

Joomla DJ Classifieds Shell Upload

Exploit Title:Upload Vulnerability in comdjclassifieds Version: Web Application vendor :http://dj-extensions.com/ Date: 2 apr,2010 Dork:inurl:comdjclassifieds Author:Sid3^effects Code : ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 888 888. .8888. .8' 888 888 888 .8'888. .8' 8...

Joomla DJ-Classifieds Extension com_djclassifieds Upload Vulnerability

Exploit for php platform in category web applications ====================================================================== Joomla DJ-Classifieds Extension comdjclassifieds Upload Vulnerability ====================================================================== Dork:inurl:comdjclassifieds...

Joomla! Component com_djClassifieds 0.9.1 - Arbitrary File Upload

Joomla! Component comdjClassifieds 0.9.1 - Arbitrary File Upload Dork:inurl:comdjclassifieds ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 888 888. .8888. .8' 888 888 888 .8'888. .8' 888 888 888.8' 888.8' 888 88b ooo 888' 888' o888o Y8bood8P' 8' 8'...

Joomla! Component com_djClassifieds 0.9.1 - Arbitrary File Upload

Dork:inurl:comdjclassifieds ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 888 888. .8888. .8' 888 888 888 .8'888. .8' 888 888 888.8' 888.8' 888 88b ooo 888' 888' o888o Y8bood8P' 8' 8' --------------------------------------------------------------------------------------...

gpEasy 1.6.1 Cross Site Request Forgery

============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1...

CVE-2010-1468

SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager aka MVRMM or commvrestaurantmenumanager component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menudisplay action to index.php...

Mandriva Update for k3b MDVA-2010:122 (k3b)

Check for the Version of k3b OpenVAS Vulnerability Test Mandriva Update for k3b MDVA-2010:122 k3b Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Mandriva Update for k3b MDVA-2010:122 (k3b)

Check for the Version of k3b OpenVAS Vulnerability Test Mandriva Update for k3b MDVA-2010:122 k3b Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection

Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection Exploit Title: Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection Vulnerability Date: 11.04.2010 Author: Valentin Category: webapps/0day Version: Tested on: CVE : Code : :: General information :: Joomla...