157 matches found
WoW Roster <= 1.70 (/lib/phpbb.php) Remote File Include Vulnerability
No description provided by source. -------------------------------------------------------------------------------- Title : WoW Roster /lib/phpbb.php Remote File Include Vulnerability -------------------------------------------------------------------------------- Affected software description :...
WoW Roster 1.5 hsList.php subdir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19269/info WoW Roster is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit may allow unauthorized users to execute remote PHP scripts;...
Joomla S5 Clan Roster com_s5clanroster (index.php, id param) - SQL Injection
No description provided by source. Joomla Component coms5clanroster Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Dork : inurl:coms5clanroster .:. Script :...
smack: IQ response spoofing
It was found that the ParseRoster component in the Smack XMPP API did not verify the From attribute of a roster-query IQ stanza. A remote attacker could use this flaw to spoof IQ responses...
smack: IQ response spoofing
It was found that the ParseRoster component in the Smack XMPP API did not verify the From attribute of a roster-query IQ stanza. A remote attacker could use this flaw to spoof IQ responses...
CVE-2014-0364
CVE-2014-0364 affects Ignite Realtime Smack XMPP API: the ParseRoster component does not verify the From attribute of a roster-query IQ stanza, enabling remote spoofing of IQ responses. Documented in multiple sources (NVD entry and vendor advisories) and corroborated by Red Hat and IBM security b...
Khan Academy: Stored XSS {dangerous?} https://www.khanacademy.org/coach/roster/?listId=allStudents
Hi, when you go to https://www.khanacademy.org/coach/roster/?listId=allStudents and press on add class you have the possebility to add a class obvious. when you name it " it will stay persistent. quite dangerous Best regards, Olivier Beg...
Joomla S5 Clan Roster com_s5clanroster 'id' Parameter SQLi Vulnerability
The S5 Clan Roster component for Joomla is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit late...
Joomla! Component com_s5clanroster - id SQL Injection
Joomla! Component coms5clanroster - id SQL Injection Joomla Component coms5clanroster Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Dork : inurl:"coms5clanroster" .:. Script :...
Joomla! Component com_s5clanroster - 'id' SQL Injection
Joomla Component coms5clanroster Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Dork : inurl:"coms5clanroster" .:. Script : http://www.shape5.com/productdetails/clubextensions/s5clanroster.html === Exploit =...
NBA.com Cross Site Scripting
Exploit Title: nba.com xss Date: 22.08.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: Php ------------------------------------------------------------------ http://www.nba.com/games/gameInfo/teamRoster.html?team=XSS alert"TayfunBasoglu"...
Openfire 3.6.4 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45682/info Openfire is prone to multiple cross-site-scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Joomla S5 Clan Roster Local File Inclusion
================================================================================================================== o Joomla Component S5 Clan Roster Local File Inclusion Vulnerability Software : coms5clanroster Vendor : http://www.shape5.com Author : AntiSecurity s4va Vrs-hCk NoGe OoNBoY Paman zx...
ejabberd roster ODBC module vulnerability
No description provided...
DEBIAN-CVE-2007-0903
Unspecified vulnerability in the modrosterodbc module in ejabberd before 1.1.3 has unknown impact and attack vectors...
CVE-2006-6850
PHP remote file inclusion vulnerability in include.php in the Roster Module characterroster in Shadowed Portal 5.7 allows remote attackers to execute arbitrary PHP code via a URL in the modroot parameter...
CVE-2006-6850
PHP remote file inclusion vulnerability in include.php in the Roster Module characterroster in Shadowed Portal 5.7 allows remote attackers to execute arbitrary PHP code via a URL in the modroot parameter...
Shadowed Portal Module Character Roster (mod_root) RFI Vulnerability
No description provided by source. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Shadowed Portal 5.7. Roster Module modroot Remote File Include =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Found:...
Shadowed Portal Module Character Roster - mod_root Remote File Inclusion
Shadowed Portal Module Character Roster - modroot Remote File Inclusion =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Shadowed Portal 5.7. Roster Module modroot Remote File Include...
Shadowed Portal 5.7. Roster Module (mod_root) Remote File Include
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Shadowed Portal 5.7. Roster Module modroot Remote File Include =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Found: Cyber-Security.Org...