Lucene search
K

15 matches found

Hacker One
Hacker One
added 2017/09/18 10:11 a.m.47 views

Hiro: Weak crossdomain.xml

The e-mail list management service used by Blockstack operated by MailChimp has a lenient cross-domain flash policy -- this is not a vulnerability, however, the crossdomain.xml used by the mailing service is more lenient than used by normal web services...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2017/07/29 2:44 a.m.15 views

Socusoft: XSS in HTML Content Generated by Flash Slideshow Maker (All Versions)

The vulnerability identified does not exist within the software application itself, instead, the vulnerability presents itself within the application's exported files which end up hosted on an external web-server. Socusoft's Flash Slideshow Maker application has two configuration themes associate...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2017/07/29 12:0 a.m.36 views

Flash Slideshow Maker Professional XSS / Content Forgery / Redirect

================================================================================= | | | | | | | | | | | |/' | / / / / | ' | /| | ' \ \ / | '| \ \ \ /\ / / | | | \ |/ / | | | | |./ / | | ./ /\ V V / || ||/|| || ||/ || / // C O N T A C T : Twitter: @ret2eax Email: [email protected] Blog:...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2015/01/21 10:7 p.m.103 views

Mobile Vikings: Insecure crossdomain.xml

Hi, https://mobilevikings.be/crossdomain.xml contains the following xml file: This will make any one able to receive content from https://mobilevikings.be/. More information about this issue is available here: http://gursevkalra.blogspot.nl/2013/08/bypassing-same-origin-policy-with-flash.html Bes...

1.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

123 flashchat 7.8 - Multiple Vulnerabilities

No description provided by source. |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | |...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/09/28 12:0 a.m.26 views

phpwind配置不当可导致CSRF发帖

简要描述: phpwind配置不当可导致CSRF发帖 详细说明: crossdomain.xml的默认设置: - 虽然有建议 但是普通站长谁没事改这个啊,还不如你们在安装时直接根据host重写下crossdomain.xml得了。 先取到csrf的token function gethash function getformhashtxt txt = txt.split'csrftoken" value="'1.split'"'0; return txt; var resultlv:LoadVars = new LoadVars; resultlv.onData = functiontx...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/08/29 12:0 a.m.21 views

Geonick Social Network Clickjacking / Credential Disclosure

GEONICK SOCIAL-NETWORK Insecure crossdomain.xml file / Clickjacking: X-Frame-Options header missing / User credentials are sent in clear text Time-Line Vulnerability Multiple Advisories but NOT RESPONSE Then Full Disclosure I-VULNERABILITY ------------------------- Title: GEONICK SOCIAL-NETWORK...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2013/03/13 12:0 a.m.14 views

flash crossdomain.xml 跨站请求伪造

No description provided by source...

7.1AI score
Exploits0
erpscan
erpscan
added 2012/12/03 12:0 a.m.17 views

SAP Xcelsius - insecure crossdomain policy

Application: SAP Portal Xcelsius dashboards Vendor URL: http://www.sap.com Bugs: insecure crossdomain policy Exploits: YES Reported: 12.03.2012 Vendor response: 12.03.2012 Date of SAP Security Note Published: 08.01.2013 Date of Public Advisory: 29.01.2013 Reference: SAP Security Note 1412864...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/17 12:0 a.m.21 views

123 Flashchat Directory Traversal / Cross Site Scripting

|------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | [email protected] | | |...

0.1AI score
Exploits0
0day.today
0day.today
added 2010/08/16 12:0 a.m.27 views

123 Flashchat version 7.8 Multiple Remote Vulnerabilities

Exploit for windows platform in category remote exploits ========================================================= 123 Flashchat version 7.8 Multiple Remote Vulnerabilities ========================================================= |-----------------------------------------------------------------...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/08/16 12:0 a.m.25 views

123 Flashchat version 7.8 Multiple Remote Vulnerabilities

Exploit for windows platform in category remote exploits ========================================================= 123 Flashchat version 7.8 Multiple Remote Vulnerabilities ========================================================= |-----------------------------------------------------------------...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/16 12:0 a.m.39 views

123 FlashChat 7.8 - Multiple Vulnerabilities

|------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | [email protected] | | |...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/08/16 12:0 a.m.18 views

123 FlashChat 7.8 - Multiple Vulnerabilities

123 FlashChat 7.8 - Multiple Vulnerabilities |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | |...

0.2AI score
Exploits0
0day.today
0day.today
added 2010/04/29 12:0 a.m.25 views

Ucenter Projekt 2.0 Insecure crossdomain (XSS) Vulnerability

Exploit for php platform in category web applications ============================================================ Ucenter Projekt 2.0 Insecure crossdomain XSS Vulnerability ============================================================...

7.1AI score
Exploits0
Rows per page
Query Builder