786 matches found
CVE-2013-1013
Apple Safari WebKit before 6.0.5 is affected by a vulnerability in the XSS Auditor that fails to rewrite URLs correctly, potentially allowing remote attackers to trigger unintended form submissions through unspecified vectors. Affected product: Safari WebKit (macOS). Root cause: faulty URL rewrit...
[SECURITY] Fedora 16 Update: perl-CGI-3.52-203.fc16
CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...
Fedora Update for perl-CGI FEDORA-2012-19282
Check for the Version of perl-CGI OpenVAS Vulnerability Test Fedora Update for perl-CGI FEDORA-2012-19282 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 17 Update: perl-CGI-3.52-218.fc17
CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...
[SECURITY] Fedora 18 Update: perl-CGI-3.51-10.fc18
CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...
PayPal Bug Bounty Program - playing fair ?
Bug Bounty program, where white hat hackers and researchers hunt for serious security vulnerabilities and disclosing them only to the vendor for a patch , In return vendors rewards them with money. Various famous websites like Facebook , Google , Paypal , Mozilla, Barracuda Networks and more othe...
WordPress Plugin Resume Submissions Job Postings 2.5.1 - Unrestricted Arbitrary File Upload
WordPress Plugin Resume Submissions Job Postings 2.5.1 - Unrestricted Arbitrary File Upload Exploit Title: WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.geerservices.com/ Software Link:...
WordPress Resume Submissions & Job Postings Plugin - Unrestricted File Upload
Resume Submissions & Job Postings plugin is prone to an unrestricted file upload vulnerability. It causes several problems: uploaded file can be accessed directly by understanding how the plugin renames files, file names are rewritten by the following code, also the plugin creates an MD5 hash of...
WordPress Resume Submissions / Job Postings 2.5.1 Shell Upload
Exploit Title: WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.geerservices.com/ Software Link: http://downloads.wordpress.org/plugin/resume-submissions-job-postings.2.5.1.zip Version: 2.5.1...
WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload
Exploit for php platform in category web applications Exploit Title: WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.geerservices.com/ Software Link:...
Yellow Pages module XSS vulnerability to get PHPCMS V9 admin permissions and repair programme-vulnerability warning-the black bar safety net
Principles PHPCMS in the background is by the Cookie with the QueryString in pchash to determine whether you are a system administrator, wherein the Cookie is there the user local, pchash is the presence of the site database. If you get both and in the configuration of the browser environment the...
Ubuntu 10.04 LTS / 10.10 : ubufox and webfav update (USN-1355-3)
USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the 'Firefox Recovery Key.html' file is saved with incorrect permissions, making the file...
Google Begins Security Review Process for Android Apps
After a couple of years of seeing headlines announcing a steady stream of pieces of malware and trojaned apps appearing the Android Market, Google finally has taken steps to find and remove malicious apps from the market automatically. The company has unveiled a service called Bouncer that scans...
WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting
WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting Exploit Title: Wordpress uCan Post plugin window.alertdocument.cookie Email field is not sanitized but can it will check for a valid email address so the maximum result will be a reflected xss POC:...
[Call for Article] The Hacker News Magazine - November 2011 Edition
Call for Article The Hacker News Magazine - November 2011 Edition The Hacker News is starting to prepare the next issue of 'The Hacker News Magazine'. Submissions are invited for a 6th up coming special November Issue as "Anniversary Edition ". If you have something interesting to write, please...
CVE-2011-1811
Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service application crash via unspecified vectors...
Code injection
Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service application crash via unspecified vectors...
CVE-2011-1811
Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service application crash via unspecified vectors...
CVE-2011-1811
Removed by vendor...
The Open Pentest Bookmark Collection v1.4
We are pleased to announce the release of version 1.4 yes 1.3 squeaked by without a blog post of the Open Pentest Bookmarks Collection. They have added a large amount of community submissions, with the addition of severalnew sections. They have also moved around some of the bookmarks to better...