Lucene search
168 matches found

exploitpack
added 2012/05/16 12:0 a.m., 17 views

Java - Triggering Java Code from a .SVG Image

Java - Triggering Java Code from a .SVG Image SVG is an XML-based file format for static or animated images. Some SVG specifications like SVG 1.1 and SVG Tiny 1.2 allow triggering some Java code when the SVG file is opened. Given that I had to look at these features for a customer, I developed som...

Exploits: 0

seebug.org
added 2012/03/28 12:0 a.m., 13 views

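Real Networks RealPlayer '.mp4' File Memory Corruption Vulnerability

BUGTRAQ ID: 52706 RealPlayer is a tool for listening to and watching real-time audio, video and Flash online. RealPlayer has a memory corruption vulnerability in its handling of malformed .mp4 files, which an attacker can exploit to execute arbitrary code. 0 Real Networks RealPlayer SP 1.1.4 Build 12.0.0.7 Real Networks RealPlayer SP 1.1.4 Real Networks RealPlayer SP 1.1.3 Real Networks RealPlayer SP 1.1.2 Real Networks RealPlayer SP 1.1.1 Real...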

6.9 AI score
Exploits: 0

Packet Storm
added 2012/02/02 12:0 a.m., 33 views

SiT! Support Incident Tracker 3.64 XSS / CSRF / SQL Injection

Advisory Details: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform SQL injection, cross-site scripting, cross-site request forgery attacks. 1 Input passed via the "start" GET parameter to...

0.2 AI score
Exploits: 0

Exploit DB
added 2012/01/14 12:0 a.m., 65 views

PHP 5.3.8 - Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with...

5 CVSS, 9.7 AI score, 0.06262 EPSS
Exploits: 9

htbridge
added 2011/11/02 12:0 a.m., 26 views

Multiple vulnerabilities in Dolibarr

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Dolibarr, which can be exploited to perform cross-site scripting & sql injection attacks. 1 Cross-Site scripting vulnerability in Dolibarr: CVE-2011-4814 1.1 Input appended to the URL after multiple files is not...

7.5 CVSS, 7.4 AI score, 0.05458 EPSS
Exploits: 2, Affected Software: 1

Packet Storm
added 2011/10/13 12:0 a.m., 26 views

BugFree 2.1.3 Cross Site Scripting

Vulnerability ID: HTB23048 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinbugfree.html Product: BugFree Vendor: www.bugfree.org.cn http://www.bugfree.org.cn/ Vulnerable Version: 2.1.3 and probably prior Tested Version: 2.1.3 Vendor Notification: 21 September 2011 Vulnerabili...

7 AI score
Exploits: 0

Packet Storm
added 2011/09/28 12:0 a.m., 30 views

Traq 2.2 Cross Site Scripting / SQL Injection

Vulnerability ID: HTB23046 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesintraq.html Product: Traq Vendor: Jack Polgar http://traqproject.org/ Vulnerable Version: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: 07 September 2011 Vulnerability Type: XSS, SQL...

Exploits: 0

Packet Storm
added 2011/09/14 12:0 a.m., 42 views

SiT! Support Incident Tracker 3.64 XSS / XSRF / SQL Injection

Vulnerability ID: HTB23043 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinsitsupportincidenttracker.html Product: SiT! Support Incident Tracker Vendor: The Support Incident Tracker Project http://sitracker.org/ Vulnerable Version: 3.64 and probably prior Tested Version: 3.64...

0.2 AI score
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 70 views

Multiple vulnerabilities in MantisBT

Vulnerability ID: HTB23045 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinmantisbt.html Product: MantisBT Vendor: www.mantisbt.org http://www.mantisbt.org/ Vulnerable Version: 1.2.7 and probably prior Tested Version: 1.2.7 Vendor Notification: 31 August 2011 Vulnerability...

0.8 AI score
Exploits: 0

myhack58
added 2011/09/08 12:0 a.m., 26 views

phpcms v9 backend (SQL inj) 2 (code exec) vulnerability - vulnerability warning - the black bar safety net

Author: sdk original: Google looking to go. phpcms v9 backend SQL inj 2 code exec vulnerability - low-key development by flyh4t - Low profile development phpcms v9 string2array function using the eval function, in more than one place may cause code execution...

1.5 AI score
Exploits: 0

Packet Storm
added 2011/08/18 12:0 a.m., 20 views

WP-Stats-Dashboard 2.6.5.1 Cross Site Scripting

Vulnerability ID: HTB23035 Reference: http://www.htbridge.ch/advisory/multiplexssinwpstatsdashboard.html Product: WP-Stats-Dashboard Vendor: Dave Ligthart http://www.daveligthart.com Vulnerable Version: 2.6.5.1 and probably prior Tested on: 2.6.5.1 Vendor Notification: 27 July 2011 Vulnerability...

Exploits: 0

exploitpack
added 2011/08/18 12:0 a.m., 12 views

WordPress Plugin Menu Creator 1.1.7 - SQL Injection

WordPress Plugin Menu Creator 1.1.7 - SQL Injection Exploit Title: WordPress Menu Creator plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0 --------------- Vulnerable code --------------- $menuid = $GET'menuid'; ... $firstitem = $wpdb-getrow"SELECT FROM " . $wpdb-prefix."menuitems WHERE...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/01 12:0 a.m., 53 views

Redirection vulnerability in MBoard

Vulnerability ID: HTB23029 Reference: http://www.htbridge.ch/advisory/redirectionvulnerabilityinmboard.html Product: MBoard Vendor: PHPJunkyard http://www.phpjunkyard.com Vulnerable Version: 1.3 and probably prior Tested on: 1.3 Vendor Notification: 06 July 2011 Vulnerability Type: Redirection...

1 AI score
Exploits: 0

htbridge
added 2011/07/20 12:0 a.m., 22 views

SQL injection in Social Slider

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Social Slider, which can be exploited to perform SQL injection attacks. 1 SQL Injection Vulnerability in Social Slider Input passed via the "rA" POST parameter to /wp-content/plugins/social-slider-2/ajax.php is not properly...

7.5 CVSS, 1 AI score
Exploits: 0, Affected Software: 1

Packet Storm
added 2011/06/24 12:0 a.m., 22 views

FanUpdate 3.0 Cross Site Scripting

Vulnerability ID: HTB23017 Reference: http://www.htbridge.ch/advisory/xssinfanupdate.html Product: FanUpdate Vendor: fanupdate.co.uk http://fanupdate.co.uk/ Vulnerable Version: 3.0 and probably prior Tested on: 3.0 Vendor Notification: 01 June 2011 Vulnerability Type: XSS Cross Site Scripting Ris...

Exploits: 0

securityvulns
added 2011/06/17 12:0 a.m., 47 views

HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability

Vulnerability ID: HTB23012 Reference: http://www.htbridge.ch/advisory/gogagoyoutubevideoconverteractivexcontroldownloadbufferoverflowvulnerability.html Product: Gogago YouTube Video Converter Vendor: Gogago http://www.gogago.net/ Vulnerable Version: 1.1.6 3/29/2011 and probably prior Tested on:...

1.2 AI score
Exploits: 0

Packet Storm
added 2011/06/16 12:0 a.m., 20 views

Free Simple CMS 1.0 Cross Site Scripting / Local File Inclusion

Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...

0.1 AI score
Exploits: 0

Packet Storm
added 2011/06/16 12:0 a.m., 24 views

Gogago YouTube Video Converter 1.1.6 Buffer Overflow

Vulnerability ID: HTB23012 Reference: http://www.htbridge.ch/advisory/gogagoyoutubevideoconverteractivexcontroldownloadbufferoverflowvulnerability.html Product: Gogago YouTube Video Converter Vendor: Gogago http://www.gogago.net/ Vulnerable Version: 1.1.6 3/29/2011 and probably prior Tested on:...

0.5 AI score
Exploits: 0

htbridge
added 2011/06/15 12:0 a.m., 27 views

IDrive Online Backup ActiveX control Insecure Method

High-Tech Bridge SA Security Research Lab has discovered vulnerability in IDrive Online Backup ActiveX control, which can be exploited to overwrite arbitrary files. 1 Insecure method in IDrive Online Backup ActiveX Control The vulnerability is caused due to the UniBasicPack.UniTextBox...

10 CVSS, 7.1 AI score
Exploits: 0, Affected Software: 1

0day.today
added 2011/03/03 12:0 a.m., 82 views

vsftpd 2.3.2 Denial of Service Vulnerability

Exploit for linux platform in category dos / poc include include include include include include include / This is code of http://cxib.net/stuff/vspoc232.c PoC CVE-2011-0762 vsftpd Remote Denial of Service Affected: 2.3.2 Fix: 2.3.4 Author: Maksymilian Arciemowicz Use: ./vspoc232 127.0.0.1 21 use...

7 AI score, 0.23946 EPSS
Exploits: 9