MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Microsoft Windows Media Player 7.0 .WMZ Arbitrary Java Applet Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2203/info A vulnerability has been reported in Microsoft Windows Media Player 7 which is exploitable through Internet Explorer and Java. Skins are downloadable files which change the appearance of a program's user...

Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-055 Microsof...

Vulnerabilities in Avaya IP Office Customer Call Reporter

Hello 3APA3A! I want to warn you about vulnerabilities in Avaya IP Office Customer Call Reporter. These are Remote HTML Include and Remote XSS Include Cross-Site Scripting vulnerabilities. After I found multiple vulnerabilities in Avaya IP Office Customer Call Reporter in December, I informed ZDI...

Vulnerabilities in Avaya IP Office Customer Call Reporter

Hello 3APA3A! I want to warn you about vulnerabilities in Avaya IP Office Customer Call Reporter. These are Remote HTML Include and Remote XSS Include Cross-Site Scripting vulnerabilities. After I found multiple vulnerabilities in Avaya IP Office Customer Call Reporter in December, I informed ZDI...

Avaya IP Office Customer Call Reporter 8.0.9.13 XSS

Hello list! I want to warn you about vulnerabilities in Avaya IP Office Customer Call Reporter. These are Remote HTML Include and Remote XSS Include Cross-Site Scripting vulnerabilities. After I found multiple vulnerabilities in Avaya IP Office Customer Call Reporter in December, I informed ZDI...

Oracle Linux 4 : thunderbird (ELSA-2010-0544)

From Red Hat Security Advisory 2010:0544 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

PHP iReport 1.0 - Remote Html Code Injection

PHP iReport 1.0 - Remote Html Code Injection !/usr/bin/perl Title = phpireport v1.0 = Remote Html Code injection Author = Or4nG.M4n Download = http://garr.dl.sourceforge.net/project/phpireport/phpireport%20v1.0%20alpha%20revision%2025.rar Thnks : +----------------------------------+ | xSs m4n i-H...

[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02942411 Version: 1 HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted up...

PHPXref 0.7 Cross Site Scripting

Hello list! I want to warn you about Cross-Site Scripting and Remote HTML Include vulnerabilities in PHPXref. ------------------------- Affected products: ------------------------- Vulnerable are PHPXref 0.7 and previous versions. In version PHPXref 0.7.1 the developer fixed these vulnerabilities...

Уязвимости в PHPXref

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Remote HTML Include уязвимостях в PHPXref. XSS RXI WASC-08: http://site/nav.html?javascript:alertdocument.cookie RHI WASC-12: http://site/nav.html?http://websecurity.com.ua Уязвимы PHPXref 0.7 и предыдущие версии. В версии...

CentOS Update for thunderbird CESA-2010:0682 centos4 i386

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2010:0682 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

RedHat Update for thunderbird RHSA-2010:0682-01

Check for the Version of thunderbird OpenVAS Vulnerability Test RedHat Update for thunderbird RHSA-2010:0682-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

WebEssence 1.0.2 Cross Site Scripting / SQL Injection

WebEssence 1.0.2 Multiple Vulnerabilities Bugs found by whitesheep, R00TATI and epicfail for Debug|Track session @ Backtrack|italia community conference www.backtrack.it XSS PoC: http://localhost/webessence/webessence/oembed.php?url=http://google.com&id=alert'Backtrack|it'; In "url" variable is...

webessence 1.0.2 - Multiple Vulnerabilities

webessence 1.0.2 - Multiple Vulnerabilities WebEssence 1.0.2 Multiple Vulnerabilities Bugs found by whitesheep, r00t and epicfail for Debug|Track session @ Backtrack|italia community conference www.backtrack.it XSS PoC:...

WebEssence 1.0.2 Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================= WebEssence 1.0.2 Multiple Vulnerabilities ========================================= WebEssence 1.0.2 Multiple Vulnerabilities XSS PoC:...

webessence 1.0.2 - Multiple Vulnerabilities

WebEssence 1.0.2 Multiple Vulnerabilities Bugs found by whitesheep, r00t and epicfail for Debug|Track session @ Backtrack|italia community conference www.backtrack.it XSS PoC: http://localhost/webessence/webessence/oembed.php?url=http://google.com&id=alert'Backtrack|it'; In "url" variable is...

427BB 2.x - Multiple Remote HTML Injection Vulnerabilities

427BB 2.x - Multiple Remote HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it...

CVE-2005-0485

Cross-site scripting XSS vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote attackers to inject arbitrary HTML and web script via the showpost parameter...

CVE-2005-0251

Cross-site scripting XSS vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter...