Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery Remote Code Execution (Metasploit)

Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery Remote Code Execution Metasploit Author Ben 'highjack' Sheppard Title Jira Scriptrunner 2.0.7 'Jira Scriptrunner 2.0.7 %qThis jira plugin does notuse the built in jira protections websudo or csrf tokens to protect the page from CSRF. This page ...

Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution (Metasploit)

Author Ben 'highjack' Sheppard Title Jira Scriptrunner 2.0.7 'Jira Scriptrunner 2.0.7 %qThis jira plugin does notuse the built in jira protections websudo or csrf tokens to protect the page from CSRF. This page is supposed to be used by admins to automate tasks, it will accept java code and by...

SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7)

!-- SupportSoft DNA Editor Module dnaedit.dll v6.9.2205 remote code execution exploit IE6/7 by Nine:Situations:Group::bruiser vendor url: http://www.supportsoft.com/ our site: http://retrogod.altervista.org/ details: CLSID: 01110800-3E00-11D2-8470-0060089874ED Progid: Tioga.Editor.1 Binary Path:...

CVE-2006-6490

The CVE-2006-6490 issue affects Symantec/Norton consumer products that ship the SupportSoft ActiveX controls SmartIssue tgctlsi.dll and ScriptRunner tgctlsr.dll. The vulnerability is described as multiple stack/heap buffer overflows in these ActiveX controls, which could allow remote code executi...