PlugSpace 0.1 (index.php navi) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl PlugSpace v0.1 Local File Inclusion Vulnerability Download:...

The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications =============================================================== The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create...

The Gemini Portal 4.7 - Insecure Cookie Handling

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Fir...

Crux Gallery 1.32 - Insecure Cookie Handling

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Navigate by...

Cross site scripting

WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java applets, which allows remote attackers to conduct cross-site scripting XSS attacks...

CVE-2008-1007

WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java applets, which allows remote attackers to conduct cross-site scripting XSS attacks...

CVE-2008-1007

WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java applets, which allows remote attackers to conduct cross-site scripting XSS attacks...

CVE-2008-1007

The connected Seebug entry confirms CVE-2008-1007 affects Apple Safari/WebKit: WebCore in Safari

Fedora 7 : viewvc-1.0.5-1.fc7 (2008-2143)

These security issues have been fixed: - omit commits of all-forbidden files from query results - disallow direct URL navigation to hidden CVSROOT folder - strip forbidden paths from revision view - don't traverse log history thru forbidden locations - honor forbiddenness via diff view path...

Alkacon OpenCms tree_files.jsp resource XSS

Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...

alkacon-xss.txt

Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...

Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12修复多个安全漏洞

BUGTRAQ ID: 27683 CVECAN ID: CVE-2008-0412,CVE-2008-0413,CVE-2008-0414,CVE-2008-0415,CVE-2008-0417,CVE-2008-0419,CVE-2008-0591,CVE-2008-0592,CVE-2008-0593,CVE-2008-0594 Firefox/Thunderbird/SeaMonkey是Mozilla所发布的WEB浏览器和邮件/新闻组客户端。...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5002)

This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of...

Mozilla Foundation Security Advisory 2008-06

Mozilla Foundation Security Advisory 2008-06 Title: Web browsing history and forward navigation stealing Impact: Critical Announced: February 7, 2008 Reporter: David Bloom Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.12 SeaMonkey 1.1.8 Description Mozilla contributor David...

Memory corruption

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...

CVE-2008-0419

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...

CVE-2008-0419

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...

Mozilla arbitrary code execution

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...

Debian: Security Advisory (DSA-891-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via one or more of the following vectors: the 1 id parameter to a pages/deletepage.php, b navigation/deletemenu.php, and c...