245 matches found
CVE-2018-7717
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...
UBUNTU-CVE-2017-14741
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service infinite loop via a crafted font file...
maywood.com XSS vulnerability
Vulnerable URL: http://www.maywood.com/EVCommerce/ViewImage.asp?ImageName=/EVCommerce/images/edgeCrimped.jpg=1"...
DEBIAN-CVE-2016-10146
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service memory consumption via unspecified vectors...
PT-2016-3136 · Imagemagick +2 · Imagemagick +2
Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: The issue is related to multiple memory leaks in the caption and label handling code, allowing remote attackers to cause a denial of service due to memory consumption via unspecified...
UBUNTU-CVE-2016-10146
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service memory consumption via unspecified vectors...
SQL Injection Vulnerability in the CaptionType Parameter of the GetCaption.ashx Page of Nanjing Fargo Streaming Media System
Nanjing Fargo streaming media system is mainly used for applications such as network TV, live event broadcasting, remote education, enterprise roadshow and multimedia public information service, etc. The system integrates computer, network, audio and video and mobile communication and other relat...
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Source: https://code.google.com/p/google-security-research/issues/detail?id=321 The PoC triggers a crashes due to a pool buffer overflow while drawing the caption bar of window. The trigger depends on the current window layout and resolution. The PoC takes an offset on the command line to be able...
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar MS15-061 Source: https://code.google.com/p/google-security-research/issues/detail?id=321 The PoC triggers a crashes due to a pool buffer overflow while drawing the caption bar of window. The trigger depends on the current window...
Shopify: XSS in experts.shopify.com
Hi, XSS vulnerability in experts.shopify.com, Steps to verify: 1. Go to https://experts.shopify.com 2. Sign up for an expert. Please do note that you must create a new account if you already have, do not use existing account or an account that did not yet apply for an expert then you will ask to...
jmd-cms - Multiple Vulnerabilities
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-19-jmd-cms-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : JMD-CMS Multiple Remote...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the 1 flashuri, 2 flashwidth, or 3 flashheight in the scaldflashscaldprerender function in...
Path traversal
Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to t...
iDev Rentals 1.0 - Multiple Vulnerabilities
iDev Rentals 1.0 - Multiple Vulnerabilities Title: ====== iDev Rentals v1.0 - Multiple Web Vulnerabilities Date: ===== 2012-11-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=760 VL-ID: ===== 758 Common Vulnerability Scoring System: ==================================...
Oracle Hyperion Financial Management Code Execution
Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...
Fedora 15 : feh-1.14.1-1.fc15 (2011-8750)
Changes since 0.10.1 : - Bug fixes Make zoomdefault key work properly with --geometry Only create caption directory when actually writing out a caption. read directory contents sorted by filename instead of 'randomly' as returned by readdir by default. Thanks talisein! Show certain warnings in th...
jmd-cms - Multiple Vulnerabilities
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-19-jmd-cms-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : JMD-CMS Multiple Remote Vulnerabilities Affected Version :...
CVE-2010-1400
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving caption elements...
CVE-2010-1400
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving caption elements...
Design/Logic Flaw
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving caption elements...