Joomla! Component Minify4Joomla - Arbitrary File Upload Persistent Cross-Site Scripting

Joomla! Component Minify4Joomla - Arbitrary File Upload Persistent Cross-Site Scripting ======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent...

Minify4Joomla Cross Site Scripting

======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent XSS Vulnerability Date : july 9,2010 Critical Level : HIGH vendor URL...

Joomla! Component Front-End Article Manager System - Arbitrary File Upload

Joomla! Component Front-End Article Manager System - Arbitrary File Upload 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla Front-End Article Manager System Upload Vulnerability Date : july 4,2010 Critica...

CVE-2010-1515

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 article-id parameter in conjunction with a /admin/news/article/list PATHINFO; the 3 keyword parameter in conjunction...

Joomla! Component Percha Multicategory Article 0.6 - 'Controller' Arbitrary File Access

source: https://www.securityfocus.com/bid/40244/info Multiple Percha components for Joomla are prone to multiple local file-include vulnerabilities because they fail to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information...

Joomla News / Article / Content / Event Cross Site Scripting

x Joomla Component News x Date: 14/05/2010 x Author: s4r4d0 x Contact: [email protected] x Team; Fatal Error x Bug: XSS on Component News x Example: http://www.site.com/index.php?option=comnews=XSS x Demo: http://www.bgci.org/index.php?option=comnews="XSS By Fatal Error x Made in Brazil x Joomla...

Apple Releases Security Update 2010-002 and Mac OS X v10.6.3

Apple has released Security Update 2010-002 and Mac OS X v10.6.3 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, bypass security...

CVE-2008-7051

AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to 1 user.php, 2 articles.php, 3 articlesuspend.php, 4 site.php, 5 statistics.php, 6 mail.php, 7 category.php, 8 subcategory.php, 9 changepassword.php, 10 polling.php,...

CSDN Blog 文章评论处 XSS Bug

CSDN Blog 文章评论处由于对“主 页”信息过滤不严导致跨站漏洞。 这个漏洞比较容易利用，危害相对其它XSS要大些，攻击者可以在任何人的CSDN Blog上发恶意代码的评论，可以进行盗取Cookie，挂马BS之等行为。 测试链接:http://blog.csdn.net/zerosoul/archive/2009/01/10/3743912.aspx http://hi.csdn.net 等待官方修补 在文章评论处的“主 页”一栏中输入以下代码 dork1: http://zerosoul"/ascriptalert"zerosoul"/scripta" dork2:...

newsx buffer overflow

Buffer overflow on the article with large number of lines beginning with period...

false vulnerability report

Hi As the author, I would like to request a removal of one of my vulnerability articles. http://securityvulns.com/Udocument99.html The reason for this is because I've recently tested the "exploit" on other palm centro phones, and the exploit would not work for them. It seems to only work on my...

xoopsall-sql.txt

/Cr@zyKing / http://coderx.org Xoops All Version -Articles- Article.PHP ID Blind SQL Injection ExpL0it Sql 1-2 article.php?id=3+union+select+1,2,3,4,5,6,AESDECRYPTAESENCRYPTUSER,0x71,0x71,8,9,0,1,2,3,4,5,6,7,8,9,0/...

geeklog xss vulnerability

Geeklog reports: MustLive pointed out a possible XSS in the form to email an article to a friend that we're fixing with this release. Please note that this problem only exists in Geeklog 1.4.0 - neither Geeklog 1.4.1 nor any older versions 1.3.x series have that problem...

CVE-2006-3172

Multiple PHP remote file inclusion vulnerabilities in ContentBuilder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash / character in the 1 langpath parameter to a cms/plugins/colman/column.inc.php, b cms/plugins/poll/poll.inc.php, c...

Sql injection

Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 email and 2 password parameter to a admin/login.php, 3 findstr parameter to b search.php, or 4 artid parameter to c art.php, or 5 catid parameter to d cat.php...

CVE-2006-1438

The CVE-2006-1438 entry corresponds to multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Knowledgebase (aphpkb) 0.57. The affected components are PHP pages and parameters: (a) index.php via keyword_list, (b) submit_article.php via title, article, author, keywords, and (c) submit_q...

Update for Windows 8.1 (KB3172614)

Update for Windows 8.1 KB3172614...

2025-10 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 23H2 for arm64 (KB5066133)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...