8002 matches found
CMS control panel v2.0 Edit File Vulnerability
Exploit for php platform in category web applications...
iRealty PHP Real Estate Script SQL Injection
Author: L0rd CrusAd3r aka VSN. Exploit Title: iRealty PHP Real Estate Script PHP Script SQLi Vulnerable. Published: 2010-06-08. Vendor URL: http://www.worksforweb.com. Greetz to: Sid3^effects, MaYur, M4n0j and to all ICW members. DESCRIPTION: iRealty Real Estate Script is a...
Newt: User-assisted execution of arbitrary code
Background: Newt is a library for displaying text mode user interfaces. Description: Miroslav Lichvar reported that Newt is prone to a heap-based buffer overflow in textbox.c. Impact: A remote attacker could entice a user to enter a specially crafted string into a text dialog box rendered by Newt,...
CVE-2010-1985
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
Solaris 9 (sparc) : 144323-01
SunOS 5.9: Resource Management User Interface Patch. Date this patch was last updated by Sun: May/03/10. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc...
Design/Logic Flaw
Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors...
firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)
No description is available for this CVE...
firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...
SugarCRM Cross Site Scripting
Class: Stored Cross Site Scripting (XSS); CVE: CVE-2010-0465; Remote: Yes; Local: Yes; Published: Jan 1, 2010 12:01AM. Timeline: Submission to Mitre: January 29, 2010; Vendor Contact: February 18, 2010; Vendor Response: February 19, 2010; Patch Available: March 10, 2010. Credit: Jeromie Jackson CISSP, CISM...
GeFest Web HomeServer 1.0 Directory Traversal
http://www.corelan.be:8800...
Drupal 6.x Core XSS
The full text of this advisory can be found at http://www.madirish.net/?article=442. Description of Vulnerability: Drupal (http://drupal.org) is a robust content management system (CMS) written in PHP and MySQL that provides extensibility through various third party...
Opera < 10.01 Multiple Vulnerabilities
Binary data 5217.prm...
Web fonts can be used to spoof the page address
In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field...
Web fonts can be used to spoof the page address – Opera Security Advisories
In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field...
Microsoft Windows Shell Remote Code Execution (MS04-024; CVE-2004-0420)
A vulnerability has been discovered in the Microsoft Windows Shell, an API that provides a basic framework for the Windows user interface. The Shell provides many functions that perform various configuration tasks and background operations, such as launching applications through the Start Menu...
[SECURITY] Fedora 10 Update: openoffice.org-3.0.1-15.6.fc10
OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime...
Solaris 5.10 (x86) : 137183-12
Service Provisioning System 6.0x86: Command Line User Interface P. Date this patch was last updated by Sun: Apr/24/09. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network...
Solaris 5.8 (sparc) : 137182-12
Service Provisioning System 6.0: Command Line User Interface Patch. Date this patch was last updated by Sun: Apr/24/09. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network...
Solaris 5.10 (sparc) : 137182-12
Service Provisioning System 6.0: Command Line User Interface Patch. Date this patch was last updated by Sun: Apr/24/09. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network...