Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution

Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...

CVE-2013-3742

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

CVE-2013-3742

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

Cross site scripting

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

CVE-2013-3742

CVE-2013-3742 is a cross-site scripting (XSS) vulnerability in phpMyAdmin 4.x prior to 4.0.3, exploitable via view_create.php (Create View page). The issue arises from handling an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message, enabling remote authenticated u...

CVE-2013-1972

Cross-site request forgery CSRF vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication of unspecified victims to create, modify, or delete files via unknown vectors...

DEBIAN-CVE-2013-1989

Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XvQueryPortAttributes, 2 XvListImageFormats, and 3 XvCreateImage function...

Youku open platform storage type XSS script attack vulnerability success hijacking the background-bug warning-the black bar safety net

Youku open platform in the“Create an application”feature of the plurality of fields, not from the client to submit the variables into the database, the output of the safety of the escape process. http://open.youku.com/app/create ! Lead can be directly stepped into the background. Vulnerability...

FreeBSD : phpMyAdmin -- XSS due to unescaped HTML output in Create View page (6b97436c-ce1e-11e2-9cb2-6805ca0b3d42)

The phpMyAdmin development team reports : When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from...

phpMyAdmin -- XSS due to unescaped HTML output in Create View page

The phpMyAdmin development team reports: When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from...

XSS due to unescaped HTML output in Create View page.

PMASA-2013-6 Announcement-ID: PMASA-2013-6 Date: 2013-06-05 Summary XSS due to unescaped HTML output in Create View page. Description When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. Severity We consider this vulnerability to be non...

XOOPS 2.5.6 CSRF Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

OPC UA Create Session Request Command

...

OPC UA Create Subscription Response Command

...

OPC UA Create Monitored Items Response Command

...

OPC UA Create Subscription Request Command

...

OPC UA Create Session Response Command

...

OPC UA Monitored Item Create Request Command

...

CVE-2013-1956

The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...

CVE-2013-0129

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...