158 matches found
Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-690-1
Ubuntu Update for Linux kernel vulnerabilities USN-690-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6901.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-690-1 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks Gmb...
eZoneScripts (Multiple Scripts) - Insecure Cookie Authentication Bypass
source: https://www.securityfocus.com/bid/39912/info eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script are prone to an authentication-bypass vulnerability because they fail to adequately verify user-suppli...
USN-690-1: Firefox and xulrunner vulnerabilities
Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500, CVE-2008-5501, CVE-2008-5502 It was discovered that Firefox did not properly handle persistent cookie data. If ...
RakhiSoftware Shopping Cart - product.php Multiple Cross-Site Scripting Vulnerabilities
RakhiSoftware Shopping Cart - product.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/32563/info RakhiSoftware Shopping Cart is prone to multiple remote vulnerabilities. Exploiting these issues can allow attackers to obtain sensitive information, steal...
RakhiSoftware Shopping Cart - 'product.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/32563/info RakhiSoftware Shopping Cart is prone to multiple remote vulnerabilities. Exploiting these issues can allow attackers to obtain sensitive information, steal cookie data, access or modify data, or exploit latent vulnerabilities in the underlying...
Possible Social Security Number in Cookie
Binary data 4671.prm...
Fedora 7 : firefox-2.0.0.4-1.fc7 (2007-0001)
Updated firefox packages that fix several security bugs are now available for Fedora Core 7. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed...
RedLevel Advisory #021 - CubeCart v3.0.16 SQL Injection Vulnerability
An interesting SQL injection vulnerability was discovered in CubeCart v3.0.16. This vulnerability cannot easily be exploited by traditional means - in fact, the actual vulnerable variable was not discovered. As a piece of user input is passed to CubeCart, it is sanitized through a routine mySQLSa...
technorati.txt
Technorati.com Homepage: http://www.technorati.com Affected files: login box Creating a new account input boxes Login box XSS vuln: By escaping quotes and using script tags, we can accomplish our XSS example. For PoC try putting the following code in the login box: """"'''""""''" Spoofing forms to...
PHP iCalendar Cookie Data Traversal Local File Inclusion
The remote host appears to be running PHP iCalendar, a web-based iCal file viewer / parser written in PHP. The version of PHP iCalendar installed on the remote host fails to sanitize input to cookie data normally used to store language and template user preferences before using it in a PHP...
DBeSession102.txt
GulfTech Security Research February 11, 2006 Vendor : Lawrence Osiris URL : http://www.phpclasses.org/browse/package/1624.html Version : DBeSession 1.0.2 Risk : SQL Injection Description: DBeSession is a feature-packed PHP class that stores the session data in a MySQL database rather than files. ...
[SA18821] XMB Forums today.php Cookie Data SQL Injection
TITLE: XMB Forums today.php Cookie Data SQL Injection SECUNIA ADVISORY ID: SA18821 VERIFY ADVISORY: http://secunia.com/advisories/18821/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: XMB 1.x http://secunia.com/product/1491/ DESCRIPTION: James Bercegay has...
427BB 2.2 - Authentication Bypass
427BB 2.2 - Authentication Bypass source: https://www.securityfocus.com/bid/16178/info 427BB is prone to an authentication bypass vulnerability. This issue is due to a failure in the application to properly validate user-supplied data. An attacker can exploit this issue to bypass the authenticati...
427BB 2.2 - Authentication Bypass
source: https://www.securityfocus.com/bid/16178/info 427BB is prone to an authentication bypass vulnerability. This issue is due to a failure in the application to properly validate user-supplied data. An attacker can exploit this issue to bypass the authentication mechanism and gain access to th...
MyBB 1.0 - Globa.php Cookie Data SQL Injection
MyBB 1.0 - Globa.php Cookie Data SQL Injection source: https://www.securityfocus.com/bid/16082/info MyBB is prone to an SQL injection vulnerability. The vulnerability presents itself when user-supplied input via cookie data is passed to the 'admin/globa.php' script. Successful exploitation can...
MyBB 1.0 - 'Globa.php' Cookie Data SQL Injection
source: https://www.securityfocus.com/bid/16082/info MyBB is prone to an SQL injection vulnerability. The vulnerability presents itself when user-supplied input via cookie data is passed to the 'admin/globa.php' script. Successful exploitation can allow an attacker to bypass authentication and ga...
Ultimate Bulletin Board 6.06.2 - UBBER Cookie HTML Injection
Ultimate Bulletin Board 6.06.2 - UBBER Cookie HTML Injection source: https://www.securityfocus.com/bid/8212/info Ultimate Bulletin Board has been reported prone to a HTML injection vulnerability. The issue likely presents itself due to a lack of sanitization performed on cookie data. It has been...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)
source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary...