SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik...

SysExporter - Grab data from list-view, tree-view, combo box, WebBrowser control, and text-box

SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file. Here's some examples for data that you can expo...

Oracle Linux 4 : firefox (ELSA-2010-0558)

From Red Hat Security Advisory 2010:0558 : Updated firefox packages that fix a security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which...

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection

Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in the directory you specified as the $directory...

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in t...

phpliteadmin <= 1.9.3 Remote PHP Code Injection Vulnerability

PHP Lite Admin versions 1.9.3 and below suffer from a PHP code injection vulnerability. Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it...

DocuWiki 2012/01/25 Cross Site Request Forgery / Cross Site Scripting

DokuWiki Ver.2012/01/25 Latest Version CSRF Add User Exploit Discovered by : Khashayar Fereidani Team Website : HTTP://IRCRASH.COM IRCRASH Security Community Facebook : http://facebook.com/fereidani Twitter : https://twitter.com/!/IRCRASH Facebook Page :...

Mozilla Firefox 3.6.23 - Z0D Code Execution Vulnerability

Document Title: =============== Mozilla Firefox 3.6.23 - Z0D Code Execution Vulnerability References: =========== Download: http://www.vulnerability-lab.com/resources/videos/329.wmv View: http://www.youtube.com/watch?v=oTx1QP2Msg Release Date: ============= 2011-12-03 Vulnerability Laboratory ID...

CentOS Update for firefox CESA-2009:1162 centos5 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2009:1162 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

RedHat Update for firefox RHSA-2010:0332-01

Check for the Version of firefox OpenVAS Vulnerability Test RedHat Update for firefox RHSA-2010:0332-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for lynx RHSA-2008:0965-01

Check for the Version of lynx OpenVAS Vulnerability Test RedHat Update for lynx RHSA-2008:0965-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Debian DSA-1607-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2798 Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes i...

Debian: Security Advisory (DSA-1607-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ELinks URL串处理smbclient远程命令注入漏洞

ELinks是一款开放源码的WEB浏览器。 ELinks在处理SMB相关的URL串时存在命令注入漏洞，远程攻击者可能利用此漏洞在用户机器上执行任意命令。 ELinks没有正确验证“smb://”URL串就调用smbclient命令，允许攻击者在上述URL中注入smbclient命令下载和覆盖本地文件或向SMB共享上传文件。漏洞相关代码如下： ----------------------------------------------------------------------------- smbfunc in smb.c: ... 143 if share 144 if !dir ...

Qualcomm Eudora WebBrowser Control Embedded Media Player File Vulnerability

Binary data 1286.prm...

CVE-2004-0549

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine MSHTML, as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript,...

CVE-2004-0549

The CVE-2004-0549 vulnerability is a cross-domain navigation/redirect issue in the Internet Explorer rendering stack (WebBrowser ActiveX or MSHTML) used by IE6 and other IE-enabled components. A remote attacker could abuse navigation via delayed HTTP redirects (or manipulated Location headers) an...

CVE-2004-0549

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine MSHTML, as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript,...

[Full-Disclosure] Adobe SVG Viewer Local and Remote File Reading &#40;GM#003-MC&#41;

GreyMagic Security Advisory GM003-MC ===================================== By GreyMagic Software, Israel. 07 Oct 2003. Available in HTML format at http://security.greymagic.com/adv/gm003-mc/. Topic: Adobe SVG Viewer Local and Remote File Reading. Discovery date: 07 Sep 2003. Affected applications...

CVE-2002-1217

The CVE-2002-1217 entry describes a Cross-Frame scripting vulnerability in the WebBrowser control as used by Internet Explorer 5.5 and 6.0. The issue arises when script accesses the Document property, bypassing / domain restrictions, enabling remote attackers to execute arbitrary code, read arbit...