259 matches found
CVE-2014-6046
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4)...
Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15629)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the activatereplicaVTLcontainer method in Quest DR Series disk backup software before 4.0.3.1. An attacker could exploit this vulnerability to execute commands via the container name...
Mozilla Fixes 29 Vulnerabilities in Firefox, Makes Flash Click-To-Activate
Mozilla fixed three critical vulnerabilities when it released Firefox 55 on Tuesday, including bugs that could have triggered a crash of the browser and allowed for the execution of arbitrary code. The code execution vulnerability stems from an XUL injection vulnerability due to improper...
Sql injection
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activateaddress address controller action, (2) title parameter in a show blog controller action, or (3) contentid parameter in a showComments...
Reprise License Manager '/goform/activate_doit' Stack Buffer Overflow Vulnerability
Reprise License Manager (RLM) is a suite of license management software from Reprise, Inc. A stack buffer overflow vulnerability exists in Reprise License Manager version 12.0BL2, which stems from the program's failure to perform sufficient bounds checking on user-submitted input. An attacker could...
Firefox 47 Fixes 13 Vulnerabilities, Removes Click-To-Activate Plugin Whitelist
Mozilla fixed 13 security issues, including two critical vulnerabilities that could have led to spoofing and clickjacking, among other issues, when it updated Firefox to the latest build, Firefox 47, this week. One of the issues, a buffer overflow, could have resulted in a potentially exploitable...
DEBIAN-CVE-2015-8816
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact ...
CVE-2015-1559
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication of administrators for requests that (1) delete modules via the deletemodule parameter, (2) deactivate...
Dell iDRAC IPMI 1.5 Insufficient Session ID Randomness
""" For testing purposes only. c Yong Chuan, Koh 2014 """ from time import sleep from socket import from struct import from random import import sys, os, argparse HOST = None PORT = 623 bufsize = 1024 recv = "" create socket UDPsock = socketAFINET,SOCKDGRAM UDPsock.settimeout2 data = 21 offset of...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) activate or (2) deactivate the plugin via the active parameter to wp-admin/edit-comments.php, (3)...
CMS Mini 0.2.2 - Multiple Vulnerabilities
No description provided by source. Exploit Title: CMSMini - Multiple Vulnerability Author: SANTHO @s4n7h0 Vendor Homepage: http://sourceforge.net/projects/cmsmini/ Download link:...
OPC UA Activate Session Request Command
...
OPC UA Activate Session Response Command
...
win32/xp sp3 Activate Guest Account Shellcode 67 Bytes
Exploit Title: win32/xp sp3 Activate Guest Account Shellcode 67 Bytes + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : win32-Shellcodes + Tested on : Windows Xp 32 bit ...
CVE-2009-2164
Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php...
JobHut 1.2 Remote Password Change/Delete/Activate User Vulnerability
Exploit for unknown platform in category web applications. JobHut 1.2 Remote Password Change/Delete/Activate User Vulnerability...
Family Connection 1.8.1 SQL Injection
Salvatore "drosophila" Fresta + Application: Family Connection + Version: 1.8.1 + Website: http://www.familycms.com + Bugs: A Multiple SQL Injection B Create Admin User C Blind SQL Injection + Exploitation: Remote + Date: 25 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...
Microsoft“blocked”online update our“hack”to have surgery-vulnerability warning-the black bar safety net
Vulnerabilities are found in the Microsoft Windows system frequently, so, to be "responsible" to the majority of its users, Microsoft provides a website for online patch updates. Who doesn't want to make their computer a little more secure? Users are thus pleased to accept this "free lunch." But it was recently found that the update is...