54 matches found
Rockstar Games: The return of the <
In this report, the researcher was able to demonstrate a Stored XSS vulnerability in our Message system on the Social Club website. By taking advantage of the fact that '<' characters are normalized to '.͓̮̮ͅ=sW&͉̹̻͙̫̦̮̲͏̼̝̫́̕...
Odoo Access Control Error Vulnerability (CNVD-2019-30571)
Odoo is an open source commercial system from the Belgian company Odoo. An access control error vulnerability exists in the portal message sending system in Odoo, which can be exploited by an attacker to publish messages...
LocalTapiola: Securemail server used to internal spam and resource exhaustion
Basic report information Summary: Confidential message systems fails to restrict large amount of receivers. This might lead to hardware exhausting and/or attacking localtapiola internal employees as securemail recipient. Description: Despite https://secure.lahitapiola.fi/ is designed to send...
Cross-site Scripting(XSS)
Moodle is vulnerable to cross-site scripting XSS attacks. The attacks exist because message/lib.php does not sanitize the user-supplied messages properly...
clientResponse Client Management 4.1 - Cross-Site Scripting
clientResponse Client Management 4.1 - Cross-Site Scripting Exploit Title: clientResponse Client Management XSS Vulnerability Date: 14-10-2014 Exploit Author: Halil Dalabasmaz Version: v4.1 Vendor Homepage: http://codecanyon.net/item/clientresponse-responsive-php-client-management/3797780 Tested...
chacmool Private Message System 1.1.3 send.php Arbitrary Message Access
No description provided by source. source: http://www.securityfocus.com/bid/11671/info Private Message System is reported prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. Private Message System 1.1...
chacmool Private Message System 1.1.3 send.php tid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11671/info Private Message System is reported prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. Private Message System 1.1...
Private Message System 2.x index.php Page Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9308/info Private Message System is prone to a cross-site scripting vulnerability. This issue may be exploited by creating a malicious link to a site hosting the software with hostile HTML and script code embedded in URI...
Xoops 1.3.5 Private Message System Font Attributes HTML Injection
No description provided by source. source: http://www.securityfocus.com/bid/6344/info Xoops includes a Private Message System for users, so that they may send messages to one another. HTML tags used for font attributes are not sufficiently filtered of malicious HTML code. This makes it possible f...
exjune officer message system 1 - Multiple Vulnerabilities
No description provided by source. @=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@ @=======================================@...
Private Message System 2.3.0 <= XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: Private Message System 2.3.0 alert1337; Test : http://upload.traidnt.net/upfiles/4ul41244.jpg Demo: 01 :http://ptl.su/pms/index.php?page="alert1337; 02 :http://qgcomedyshow.freehostia.com/community/mail/index.php?page="alert1337...
[SECURITY] Fedora 14 Update: dbus-1.4.0-2.fc14
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...
PunBB Private Message System <= 1.2.3 XSS Vulnerability (5)
Exploit for php platform in category web applications =========================================================== PunBB Private Message System Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0...
RedHat Update for dbus RHSA-2010:0018-01
Check for the Version of dbus OpenVAS Vulnerability Test RedHat Update for dbus RHSA-2010:0018-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CVE-2009-1752
exJune Office Message System 1 does not properly restrict access to 1 configure.asp and 2 addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information...
Information disclosure
exJune Office Message System 1 does not properly restrict access to 1 configure.asp and 2 addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information...
CVE-2009-1752
The CVE-2009-1752 entry concerns exJune Office Message System 1, which fails to properly restrict access to configure.asp and addmessage2.asp, allowing remote attackers to gain privileges through a direct request. The NVD notes a base score of 7.5 (HIGH) with network attack vector and low attack ...
CVE-2009-1752
exJune Office Message System 1 does not properly restrict access to 1 configure.asp and 2 addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information...
exJune Office Message System Reconfiguration
@=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@ @=======================================@ @=Script : exJune Office Message...
Exjune Officer Message System 1 - Multiple Vulnerabilities
Exjune Officer Message System 1 - Multiple Vulnerabilities @=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@...