167 matches found
Discuz! 7.0-7.2 the background settings. inc. php to write shell vulnerability-vulnerability warning-the black bar safety net
Impact version Discuz! 7.0-7.2 Vulnerability details: if$operation == 'uc' && iswriteable'./ config.inc.php' && $isfounder $ucdbpassnew = $settingsnew'uc''dbpass' == '' ? UCDBPW : $settingsnew'uc''dbpass'; if$settingsnew'uc''connect' $ucdblink = @mysqlconnect$settingsnew'uc''dbhost',...
Facebook Vulnerable to Clickjacking Attacks
Facebook is susceptible to certain types of attacks that could allow someone to hijack an account while a user is interacting with another Web site, a security researcher warned on Monday. Reseacher Nitesh Dhanjani also said a design flaw in Facebook is granting third-party apps permission to...
CVE-2007-3219
Unspecified vulnerability in sources/actionpublic/xmlout.php in Invision Power Board IPB or IP.Board 2.2.0 through 2.2.2 allows remote attackers to modify another user's profile data, such as an AIM screen name or Yahoo! identity...
CVE-2007-3219
CVE-2007-3219 affects Invision Power Board (IPB/IP.Board) versions 2.2.0–2.2.2. The vulnerability is in sources/action_public/xmlout.php and is described as an unspecified issue that allows remote attackers to modify another user’s profile data (e.g., AIM screen name, Yahoo! identity). Documented...
CVE-2007-3219
Unspecified vulnerability in sources/actionpublic/xmlout.php in Invision Power Board IPB or IP.Board 2.2.0 through 2.2.2 allows remote attackers to modify another user's profile data, such as an AIM screen name or Yahoo! identity...
Security Update For Exchange Server 2016 CU10 (KB4468741)
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data...
Security Update For Exchange Server 2016 CU11 (KB4468741)
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data...