3699 matches found
DEBIAN-CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
Cross site scripting
Cross-site scripting XSS vulnerability in search.html in Bulletin Board Elite-Board E-Board 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box...
CVE-2006-2673
Cross-site scripting XSS vulnerability in search.html in Bulletin Board Elite-Board E-Board 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box...
CVE-2006-1729
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by 1 inserting the target filename into a text box, then turning that box into a file upload control, or 2 changing the type of the...
musicBoxXSS.txt
Hello Vulnerable: Music Box v2.3 http://www.MusicboxV2.com Exploit : XSS : http://example.com/music/index.php?id='alertdocument.cookie http://example.com/music/index.php?action=top&show=5&type='alertdocument.cookie...
PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)
Hello Vulnerable: Music Box v2.3 http://www.MusicboxV2.com Exploit : XSS : http://example.com/music/index.php?id='scriptalertdocument.cookie/script http://example.com/music/index.php?action=top&show=5&type='scriptalertdocument.cookie/script...
XSS & SQL Injection in Music Box v2.3
Hello Vulnerable: Music Box v2.3 http://www.MusicboxV2.com Exploit : XSS : http://example.com/music/index.php?id='scriptalertdocument.cookie/script http://example.com/music/index.php?action=top&show=5&type='scriptalertdocument.cookie/script...
CVE-2006-1222
Multiple cross-site scripting XSS vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the 1 memo box title, 2 user email, and 3 homepage fields...
Network box netbox let the rookie easily have their own Super http Backdoor-vulnerability warning-the black bar safety net
A: Preface in today's Microsoft power era, looking for broilers has been not what difficult matter, a variety of fool tools greatly convenient for newbies in the invasion, but often the invasion is successful, how to do a good job the back door, put the broiler as long as the catch is often...
CVE-2006-0773
Cross-site scripting XSS vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows, and 03-00 through 03-00-/B on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the extended receiving box function...
The Windows in the DLL Files the basic principle and modified method-vulnerability warning-the black bar safety net
A DLL file is common sense DLL is a Dynamic Link Library acronym meaning Dynamic Link Library. In Windows, many applications are not a complete executable file, which is divided into a number of relatively independent Dynamic Link Library that DLL file, placed in the system. When we execute a...
win32/xp sp2 Pop up message box 110 bytes
win32/xp sp2 Pop up message box 110 bytes. Shellcode exploit for win32 platform / Author : Omega7 Assembly Code : Steve Hanna Changed by : Omega7 Description : It is 110 Byte Shellcode which Pops up Message Box Under Windows Xp SP2 If you Want to use it in any other Windows You need to change the...
Amaxus vuln.
Amaxus vuln. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/amaxus-vuln.html vendor:http://www.boxuk.com/ affected version: 3 and prior About Amaxus Amaxus is Box UK's XML Content Management System, currently delivering hundreds of thousands of...
CVE-2005-2829
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by 1 overlaying a malicious new window above a file download box, then 2 using a keyboard shortcut and delaying the display of the file download box until the user hits a...
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass source: https://www.securityfocus.com/bid/15347/info Zone Labs Zone Alarm is prone to a weakness that permits the bypassing of the Advanced Program Control protection. Reports indicate that applications can create a modal dialog box...
Maxthon Web Browser < 1.3.3 Cross-Domain Dialog Box Spoofing
Binary data 3240.prm...
CVE-2005-2579
Nortel Contivity VPN Client V0501.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box...
CVE-2005-2405
Opera 8.01 is affected when Arial Unicode MS (ARIALUNI.TTF) is installed: extended ASCII in the file-download dialog can be spoofed, potentially leading users to execute arbitrary code. The issue is documented in CVE-2005-2405; OpenVAS notes vulnerability in Opera
CVE-2005-2274
Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."...
CVE-2005-2272
Safari version 2.0 412 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."...