7656 matches found
CVE-2016-2822
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...
Mapbox Filter Bypass / Script Insertion
Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID:...
FreeBSD : mozilla -- multiple vulnerabilities (8065d37b-8e7c-4707-a608-1b0a2b8509c3)
Mozilla Foundation reports : MFSA 2016-49 Miscellaneous memory safety hazards rv:47.0 / rv:45.2 MFSA 2016-50 Buffer overflow parsing HTML5 fragments MFSA 2016-51 Use-after-free deleting tables from a contenteditable document MFSA 2016-52 Addressbar spoofing though the SELECT element MFSA 2016-54...
UBUNTU-CVE-2016-2822
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...
Entering fullscreen and persistent pointerlock without user permission — Mozilla
Security researcher sushi Anton Larsson reported that when paired fullscreen and pointerlock requests are done in combination with closing windows, a pointerlock can be created within a fullscreen window without user permission. This pointerlock cannot then be cancelled without terminating the...
Mapbox (API) - Filter Bypass & Persistent Vulnerability
Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID:...
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability
Document Title: =============== Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1855 Release Date: ============= 2016-06-06 Vulnerability Laboratory ID VL-ID: ====================================...
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability
Document Title: =============== Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1855 Release Date: ============= 2016-06-05 Vulnerability Laboratory ID VL-ID: ====================================...
Mapbox (API) - Filter Bypass & Persistent Vulnerability
Document Title: =============== Mapbox API - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1787 ID: 119802 Release Date: ============= 2016-06-05 Vulnerability Laboratory ID VL-ID:...
Liferay CE < 6.2 CE GA6 - Persistent Cross-Site Scripting
Exploit for php platform in category web applications CVE-2016-3670 Stored Cross Site Scripting in Liferay CE 1. Vulnerability Properties Title: Stored Cross-Site Scripting Liferay CE CVE ID: CVE-2016-3670 CVSSv3 Base Score: 4.6 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Vendor: Liferay Inc Products:...
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AJAXEXPLORER-REMOTE-CMD-EXECUTION.txt + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product:...
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product: ======================= AjaxExplorer v1.10.3.2 Manage server files through simple windows...
AjaxExplorer 1.10.3.2 CSRF / XSS / Command Execution
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AJAXEXPLORER-REMOTE-CMD-EXECUTION.txt + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product:...
CVE-2016-4317: XSS on viewmyprofile.action page
The viewmyprofile.action resource was vulnerable to persistent XSS...
CVE-2016-4317: XSS on viewmyprofile.action page
The viewmyprofile.action resource was vulnerable to persistent XSS...
CVE-2016-4317: XSS on viewmyprofile.action page
The viewmyprofile.action resource was vulnerable to persistent XSS...
Bugcrowd Persistent Script Injection / Filter Bypass
Document Title: =============== Bugcrowd Bug Bounty 7 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1830 ID: b40f63ed19074014df808599e44684f6a18bb6f4f51cf21948ef78df2f56c13b Release Date: ============= 2016-05-10...
Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability
Document Title: =============== Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1852 Release Date: ============= 2016-05-24 Vulnerability Laboratory ID VL-ID: ==================================== 18...
AVAST (Business) #17 - Persistent Web Vulnerability
Document Title: =============== AVAST Business 17 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1634 Release Date: ============= 2016-05-23 Vulnerability Laboratory ID VL-ID: ==================================== 1634 Comm...
Ubiquiti airOS Arbitrary File Upload
This module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorizedkeys. FYI, /etc/passwd,dropbear/authorizedkeys will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSISTETC is true. This method is used by the "m...