18 matches found
EUVD-2007-1265
Malware in sbrugna...
EUVD-2017-4012
Malware in sbrugna...
CVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's Loader
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
Microsoft SharePoint Server Spoofing Vulnerability (CNVD-2021-41123)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A spoofing...
Samsung Display Solutions App for Android Man-in-the-Middle Attack Vulnerability
Samsung Display Solutions App for Android is an Android-based mobile application developed by Samsung South Korea for viewing Samsung display devices. A security vulnerability exists in versions of the Samsung Display Solutions App for Android prior to version 3.02, which arises from the program'...
FlexPaper Content Forgery Vulnerability
FlexPaper is an open source, lightweight component used to display a variety of documents in the browser; it needs to be used with PDF2SWF. A security vulnerability exists in the FlexPaperViewer.swf file in versions of FlexPaper prior to 2.3.1. A remote attacker can exploit this vulnerability to...
Microsoft Internet Explorer Content Forgery Vulnerability
Microsoft Internet Explorer is a popular web browser. A content forgery vulnerability exists in Microsoft Internet Explorer's handling of web pages, which allows remote attackers to exploit the vulnerability by submitting a specially crafted web page and tricking the user into parsing it, which c...
Cross site scripting
SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xmlpath HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated...
CVE-2017-12439
SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xmlpath HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. This has resultant content forgery, cross site scripting, and unvalidated...
CVE-2017-12439
The CVE-2017-12439 entry concerns SocuSoft Flash Slideshow Maker Professional up to version 5.20. When advanced configuration is used, the xml_path HTTP parameter trusts user-supplied input in conjunction with an unsafe XML configuration file, enabling issues described as content forgery, cross-s...
Flash Slideshow Maker Professional XSS / Content Forgery / Redirect
Contact: Twitter: @ret2eax Email: [email protected] Blog:...
Camstudio 2.0 XSS / XSF / Content Forgery
Mozilla Firefox Content Forgery Vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 53. An attacker could exploit the vulnerability to forge content...
CMS Made Simple Babel Module 0.3.3 Open Redirect / Content Forgery
Facebook / Google+ Cross Site Content Forgery
Blackhatacademy has asked me to post this to the mailing list as I'm one of the instructors there. I did not personally develop the exploit; please direct questions regarding it to hatter on irc.blackhatacademy.org. Overview: Over the years, Facebook has been vulnerable to numerous web exploitation...
Design/Logic Flaw
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, do not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...
CVE-2007-1269
CVE-2007-1269 affects GNUMail 1.1.2 and earlier. The root cause is improper use of the --status-fd argument when invoking GnuPG, which prevents distinguishing between signed and unsigned portions of multi-component OpenPGP messages. This can allow remote attackers to forge message contents withou...