9286 matches found
fipsCMS light - vulnerable to script injection.
fipsCMS light is a freeware product of fipsasp.com. If you log on as admin, you can generate new pages in the CMS system. If you inject scripting code such as <script>alert('code executed')</script> into the "headline" field, it will automatically launch when a user visits that site. Please credit to:...
History of dove gray clever use of Raiders (figure) - vulnerability warning - the black bar safety net
A. Tools: Gray Pigeon VIP 2005 cracked version. Service-side configuration is the most basic, I probably said the next focus. The first point "automatic on-line", in the "Netease free domain update IP" at first apply a free domain name, for example 1111.126.com, and then point "update IP-to-domain", if an update...
USN-184-1: umount vulnerability
David Watson discovered that "umount -r" removed some restrictive mount options like the "nosuid" flag. If /etc/fstab contains user-mountable removable devices which specify the "nosuid" flag (which is common practice for such devices), a local attacker could exploit this to execute arbitrary...
ZipTorrent1.3.7.3.txt
ZipTorrent 1.3.7.3 Local Proxy Password Disclosure Exploit by Kozan. Discovered & Coded by Kozan. Credits to ATmaCA. Web: www.spyinstructors.com Mail: [email protected] Application: ZipTorrent 1.3.7.3 and...
Opera 8 multiple security vulnerabilities
Cross-site scripting on message generation if automatic redirection is disabled. javascript: cross-site scripting. XMLHttpRequest object cross-site access. Download dialog spoofing. Cross-site scripting on image dragging...
PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit
No description provided by source. #!/usr/bin/perl DARK ASSASSINS CREW 2005. Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins. phpfusiondb.pl; Version 0.1 22/06/05. PHP-Fusion db backup proof-of-concept by Easyex. Database backup vuln in...
Vulnerability: McGallery v 1.1 files reading on disk
Vendor: Phpforum, http://www.phpforums.net/. Product: McGallery v 1.1. Vulnerability: files reading on disk. Consequences: Web server paths are opened. Risk: High. Description: Attacker can form the query in URL form and get access to the system files. Example:...
Vulnerability: McGallery v 1.1 Mysql DB including
Vendor: Phpforum, http://www.phpforums.net/. Product: McGallery v 1.1. Vulnerability: mysql including. Consequences: Web server paths. Risk: Low. Description: Unfiltered $host variable. Allows attacker to connect to fake DB and make select from it. http://example.com/mcgallery/show.php?host=attackhost...
Apple Safari automatically installs Dashboard widgets
Overview: Apple Safari on Mac OS X Tiger automatically installs Dashboard widgets without user intervention or notice. Description: Dashboard is a new feature introduced in Apple Mac OS X Tiger 10.4. Dashboard is a collection of applications called "widgets." The system-installed widgets a...
Apple Mac OSX executes arbitrary widget with same "bundle identifier" as system widget
Overview: Apple Mac OS X Tiger Dashboard executes arbitrary widgets with the same "bundle identifier" as a system widget. This can allow a user-installed widget to override a system-installed one. Description: Dashboard is a new feature introduced in Apple Mac OS X Tiger 10.4. Dashboard is...
GLSA-200503-21 : Grip: CDDB response overflow
The remote host is affected by the vulnerability described in GLSA-200503-21 (Grip: CDDB response overflow). Joseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results. Impact: A malicious CDDB server could cause Grip to crash by returning more than 16 matches,...
CVE-2003-1092
Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...
Enhance Seraph SSO support to create users automatically
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion: http://jira.atlassian.com/browse/JRASERVER-4299. Users of SSO systems generally also have some sort of external user management. As a simple first step, JIRA's SSO authenticator...
Microsoft Outlook Express for MacOS HTML Attachment Automatic Download Vulnerability
Safari < 3.1.2 Multiple Vulnerabilities
Microsoft Windows SMB : WindowsUpdate Disabled
The remote host does not have Windows Update enabled. Enabling WindowsUpdate will ensure that the remote Windows host has all the latest Microsoft Patches installed. (C) Tenable Network Security, Inc. Thanks to Greg Hoglund for suggesting this. include("compat.inc"); if (description) { script_id(12028);...
DEBIAN-CVE-2003-1092
Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...
Microsoft Security Bulletin MS03-035: Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)
Title: Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653). Date: September 3, 2003. Software: Microsoft Word 97, Microsoft Word 98 (J), Microsoft Word 2000, Microsoft Word 2002...