694 matches found
XSS vulnerability in CruxPA
Vulnerability ID: HTB22450 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa1.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
XSS vulnerability in Grafik CMS
Vulnerability ID: HTB22438 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingrafikcms.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...
PT-2010-3103 · Apple · Ios
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 4 Description: The issue concerns the improper implementation of the history.replaceState method in certain situations involving IFRAME elements, allowing remote attackers to obtain sensitive information via a...
XSS vulnerability in boastMachine
Vulnerability ID: HTB22399 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinboastmachine.html Product: boastMachine Vendor: Kailash Nadh Vulnerable Version: 3.1 and Probably Prior Versions Vendor Notification: 20 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...
REvolution 10.02 - Cross-Site Request Forgery
REvolution 10.02 - Cross-Site Request Forgery Vulnerability ID: HTB22367 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinnpdsrevolution.html Product: NPDS REvolution Vendor: NPDS Vulnerable Version: REvolution 10.02 and Probably Prior Versions Vendor Notification: 06 May 2010 Vulnerability...
XSS vulnerability in LiSK CMS
Vulnerability ID: HTB22372 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinproduct.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting Vendor...
XSS vulnerability in EasyPublish CMS
Vulnerability ID: HTB22356 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineasypublishcms.html Product: EasyPublish CMS Vendor: Escio AS Vulnerable Version: Current at 23.04.2010 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripti...
Acuity CMS 2.6.2 Cross Site Scripting
Vulnerability ID: HTB22352 Reference: http://www.htbridge.ch/advisory/xssinacuitycms.html Product: Acuity CMS asp version Vendor: The Collective Vulnerable Version: 2.6.2 ASP and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...
Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)
Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-381)
The Mozilla Firefox browser was updated to version 3.0.5, fixing various security issues and stability problems. The following security issues were fixed : MFSA 2008-69 / CVE-2008-5513: Mozilla security researcher mozbugra4 reported vulnerabilities in the session-restore feature by which content...
Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure
Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure 0x01 Informations: Script : Flash Image Gallery 1.1 and maybe last version Download : http://www.flashimagegallery.com/download/fig116admin110.zip Vulnerability : Sensitive Data Disclosure Author : DarkbiteX Greets: : |OverclockiX|...
Flash Image Gallery 1.1 Arbitrary Config File Disclosure Vulnerability
Exploit for unknown platform in category web applications ====================================================================== Flash Image Gallery 1.1 Arbitrary Config File Disclosure Vulnerability ====================================================================== 0x01 Informations: Script ...
Mandriva Linux Security Advisory : metisse (MDVSA-2008:179)
An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server CVE-2008-1379. Multiple integer overflows were found in X.org's Render...
RedHat Update for XFree86 RHSA-2008:0512-01
Check for the Version of XFree86 OpenVAS Vulnerability Test RedHat Update for XFree86 RHSA-2008:0512-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for xorg-x11 RHSA-2008:0503-01
Check for the Version of xorg-x11 OpenVAS Vulnerability Test RedHat Update for xorg-x11 RHSA-2008:0503-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for XFree86 RHSA-2008:0502-01
Check for the Version of XFree86 OpenVAS Vulnerability Test RedHat Update for XFree86 RHSA-2008:0502-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 x86_64
Check for the Version of XFree86-100dpi-fonts OpenVAS Vulnerability Test CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 i386
Check for the Version of XFree86-100dpi-fonts OpenVAS Vulnerability Test CentOS Update for XFree86-100dpi-fonts CESA-2008:0502 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Mozilla Thunderbird < 2.0.0.19 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 2.0.0.19. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. MFSA 2008-60 - XBL bindings can be used ...
WorkSimple 1.2.1 RFI / Data Disclosure
START 0x01 Informations: Script : WorkSimple 1.2.1 Download : http://www.hotscripts.com/jump.php?listingid=85112&jumptype=1 Vulnerability : Remote File Inclusion / Sensitive Data Disclosure Author : Osirys Contact : osirysatlivedotit Notes : Proud to be Italian Greets: : XaDoS, x0r, emgent, Jay...