XOOPS 2.5.6 CSRF Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

OPC UA Create Session Request Command

...

OPC UA Create Subscription Response Command

...

OPC UA Create Monitored Items Response Command

...

OPC UA Create Subscription Request Command

...

OPC UA Create Session Response Command

...

OPC UA Monitored Item Create Request Command

...

CVE-2013-1956

The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...

CVE-2013-0129

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...

MailOrderWorks 5.907 - Multiple Vulnerabilities

MailOrderWorks 5.907 - Multiple Vulnerabilities Title: ====== MailOrderWorks v5.907 - Multiple Web Vulnerabilities Date: ===== 2013-01-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=798 VL-ID: ===== 796 Common Vulnerability Scoring System:...

Google Fusion Tables Cross Site Scripting

Title: Google Fusion Tables XSS HTML Injection Vulnerability Release Date: 07/03/2013 Author: Junaid Hussain - illSecure Research Group Contact: [email protected] | Website: http://illSecure.com Vulnerable Application: https://www.google.com/fusiontables/DataSource?dsrcid=implicit...

CVE-2012-3363

ZendXmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML...

CVE-2012-6530

Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request...

CVE-2012-6508

Multiple cross-site request forgery CSRF vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that 1 change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/index.php; 2 create a user or...

Buffer overflow

Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...

CVE-2009-5134

Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...

CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

FCK 0day FCKeditor create a folder,Upload a file when"." Change"_"to break-vulnerability warning-the black bar safety net

A lot of times the uploaded file for example: shell.php.rar or shell.php;. jpg becomes shellphp;. jpg this is the new version of the FCK change, try to upload 1. asp;jpg Submitted shell.php+space to get around, but the spaces only support win system is nix is not supported, shell.php and...

Directory traversal

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to 1 read, 2 delete, or 3 create files, or 4 list directories, via a ..%5C encoded dot dot backslash in a URI...