3941 matches found
jevoncms - LocalRemote File Inclusion
jevoncms - LocalRemote File Inclusion jevoncms LFI/RFI Multiple Vulnerabilities +Title : jevoncms libdir Multiple Vulnerability +Version: - +Download: http://sourceforge.net/projects/jevoncms/files/ +Author: eidelweiss +Contact: eidelweissatcyberservicesdotcom !Thanks To: all friends -= Vuln C0de...
jevoncms (libdir) Multiple Vulnerability
Exploit for php platform in category web applications ======================================== jevoncms libdir Multiple Vulnerability ======================================== +Title : jevoncms libdir Multiple Vulnerability +Version: - +Download: http://sourceforge.net/projects/jevoncms/files/...
jevoncms (LFI/RFI) Multiple Vulnerabilities
jevoncms LFI/RFI Multiple Vulnerabilities +Title : jevoncms libdir Multiple Vulnerability +Version: - +Download: http://sourceforge.net/projects/jevoncms/files/ +Author: eidelweiss +Contact: eidelweissatcyberservicesdotcom !Thanks To: all friends -= Vuln C0de =- - jevoncms/php/main/jevoncms.php...
Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of internet enabled disk image files...
CDTrustee - '.BAK' Local Crash (PoC)
Exploit Title: CDTrustee .BAK Local Crash POC Date: March 30, 2010 Software Link: http://www.base40.com/cdtDownload.html Version: 2.06 Tested on: WinXP SP3 and Windows 7 Cost: 39.95 USD Author: anonymous Site: http://www.setfreesecurity.com Usage: Install software, run this script it will create...
SA-CONTRIB-2010-031 - Menu Block - Cross Site Scripting (XSS)
The Menu Block module generates full or partial menu trees that are presented in configurable blocks. When partial menu trees are displayed, the block title uses the text from the partial menu tree's parent menu item. However, that text is not properly sanitized, leading to a Cross Site Scripting...
ubuntu 9.10 forget the root password solution-vulnerability warning-the black bar safety net
This method is applicable to the can physical contact with the machine. 1. Boot hold down the Shift key to enter Grub menu. 2. Press e to modify the first“Ubuntu, 2.6. xxx-generic” 3. Modify the penultimate line 2,“linux /boot/vmlinuz... ro quiet splash”to“linux /boot/vmlinuz... rw single...
Buffer overflow
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service application crash via a crafted ZIP file that is not properly handled when the victim uses the 1 Update or 2 Plug-In console menu item...
SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting
The Menu Breadcrumb module allows to use the menu the current page belongs to as breadcrumb. The module does not properly sanitize parts of the provided block, leading to a cross-site scripting XSS vulnerability. Such an attack may lead to a malicious user gaining full administrative access...
FreeBSD : drupal -- multiple XSS (751823d4-f189-11de-9344-00248c9b4be7)
Drupal Team reports : The Contact module does not correctly handle certain user input when displaying category information. Users privileged to create contact categories can insert arbitrary HTML and script code into the contact module administration page. Such a cross-site scripting attack may...
Squito Gallery 1.0 - Cross-Site Scripting
Squito Gallery 1.0 - Cross-Site Scripting ======================================================================================== | Title : Squito Gallery v.1.0 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El...
CVE-2009-3583
Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the countrycode field...
CVE-2009-3583
Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the countrycode field...
Cross site scripting
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
CVE-2009-4370
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
CVE-2009-4370
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
CVE-2009-4370
CVE-2009-4370 affects Drupal Core 6.x up to 6.14/6.15 via the Menu module (menu.admin.inc). An XSS flaw allows authenticated users with permission to create new menus to inject arbitrary HTML/script through a menu description, which is not properly sanitized in the menu administration overview. I...
SA-CORE-2009-009 - Drupal Core - Cross site scripting
Multiple vulnerabilities were discovered in Drupal. Contact category name cross-site scripting The Contact module does not correctly handle certain user input when displaying category information. Users privileged to create contact categories can insert arbitrary HTML and script code into the...
drupal -- multiple cross-site scripting
Drupal Team reports: The Contact module does not correctly handle certain user input when displaying category information. Users privileged to create contact categories can insert arbitrary HTML and script code into the contact module administration page. Such a cross-site scripting attack may le...
Command injection
Multiple unspecified vulnerabilities in Common Desktop Environment CDE in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control MAC policy via unknown vectors, related to a menu typo and the Style Manager...