6058 matches found
phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification
PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification Credits: Emanuele 'emgent' Gentili Marco 'whitesheep' Rondini Alessandro 'scox' Scoscia In error.php, PhpMyAdmin permit to insert text and restricted tag, like BBCode. With tag a@url@pageClick Me/a, you can insert your own...
kernel: RDS sockets local privilege escalation
The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...
Oracle Solaris - su Crash
Oracle Solaris - su Crash From http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/su/su.c 521 for j = 0; initenvj != 0; j++ 1 522 if initvar = getenvinitenvj 2 ... 535 else 536 var = char 537 mallocstrleninitenvj 3 538 + strleninitvar 539 + 2; 540 void strcpyvar, initenvj; 4 'su'...
Unfixed XSS vulnerability at courriel.cyberpresse.ca
Security researcher h3xStream, has submitted on 09/07/2010 a cross-site-scripting XSS vulnerability affecting courriel.cyberpresse.ca, which at the time of submission ranked 3431 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2010. It is...
FreeBSD-SA-10:06.nfsclient
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:06.nfsclient Security Advisory The FreeBSD Project Topic: Unvalidated input in nfsclient Category: core Module: nfsclient Announced: 2010-05-27 Credits:...
FreeBSD -- Unvalidated input in nfsclient
Problem Description: The NFS client subsystem fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted...
PT-2010-2986 · Adobe · Shockwave Player
Name of the Vulnerable Software and Affected Versions: Adobe Shockwave Player versions prior to 11.5.7.609 Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption. This is achieved through a crafted .dir file that exploits the...
FreeBSD : joomla -- multiple vulnerabilities (8d10038e-515c-11df-83fb-0015587e2cc1)
Joomla! reported the following vulnerabilities : If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system.. The migration script in the Joomla! installer does not check the file type being uploaded. If the installation...
Unfixed XSS vulnerability at www.noah.org
Security researcher inside0ut, has submitted on 24/03/2010 a cross-site-scripting XSS vulnerability affecting www.noah.org, which at the time of submission ranked 462254 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currentl...
FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation
Problem Description: If a client requests DNSSEC records with the Checking Disabled CD flag set, BIND may cache the unvalidated responses. These responses may later be returned to another client that has not set the CD flag...
PHP Banner Exchange 1.2 - signupconfirm.php Cross-Site Scripting
PHP Banner Exchange 1.2 - signupconfirm.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40165/info PHP Banner Exchange is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issu...
bind security update
30:9.3.6-4.P1.1 - don't cache unvalidated additional sections 538744...
Unfixed XSS vulnerability at www.maidasoli.com
Security researcher Langy, has submitted on 17/08/2009 a cross-site-scripting XSS vulnerability affecting www.maidasoli.com, which at the time of submission ranked 1117839 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/07/2010. It is...
Unfixed XSS vulnerability at www.pornosextube.net
Security researcher CLaYMoRE, has submitted on 07/09/2009 a cross-site-scripting XSS vulnerability affecting www.pornosextube.net, which at the time of submission ranked 6962099 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/09/2009. It is...
Multiple MSN messengers SSL certificates vulnerabilities
Server certificate is not validated...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advancedsearchresult page. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability
Exploit for unknown platform in category web applications ============================================================ Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability ============================================================...
Unfixed XSS vulnerability at www.crazysoft-ppc-games.com
Security researcher cueballr, has submitted on 24/03/2008 a cross-site-scripting XSS vulnerability affecting www.crazysoft-ppc-games.com, which at the time of submission ranked 6776159 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 26/03/2008...
XSS in PHP-Nuke (eWeather module)
//////////XSS in PHP-Nuke eWeather module PHP-Nuke http://phpnuke.org: PHP-Nuke is a news automated system specially designed to be used in Intranets and Internet. The Administrator has total control of his web site, registered users, and he will have in the hand a powerful assembly of tools to...
kernel vmsplice_to_pipe flaw
The vmsplicetopipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010...