DynPG CMS v4.1.0 Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================= DynPG CMS v4.1.0 Multiple Vulnerabilities ========================================= +Title : DynPG CMS Multiple Remote File Inclusion Vulnerability +Version: 4.1.0 Other or lower versions may also be...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Input validation

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki prior to 1.15.2 is affected by a CSS validation issue that allows editors to link to images on attacker‑controlled sites, enabling collection of IP addresses and other user information. The root cause is the CSS validation check not preventing this behavior. Impact is limited to disclos...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Mozilla to Fix CSS History Leak Soon

The developers at Mozilla soon will be adding a new privacy enhancement to the Firefox browser that will help prevent attackers and the operators of third-party Web sites from seeing which other sites a user has visited. The technology is meant to address one of the older privacy problems on the...

Mozilla Firefox缓存XUL样式表更改浏览器UI漏洞

BUGTRAQ ID: 38922 CVECAN ID: CVE-2010-0169 Firefox是一款流行的开源WEB浏览器。 远程XUL文档所使用的样式表可能会污染用户的XUL缓存，而浏览器Chrome之后会使用这个缓存确定用户界面的样式。恶意网站可以利用这个漏洞更改浏览器的样式属性，如字体大小和颜色。 Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla Thunderbird 3.0 Mozilla SeaMonkey 2.0 厂商补丁： Mozilla -------...

Code injection

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

CVE-2010-0169

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

CVE-2010-0169

Technical details about CVE-2010-0169 are not provided in the supplied documents. Please monitor official advisories and vendor patches for affected products and versions.

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

A memory corruption was reported in vulnerability in Mozilla Firefox. This flaw is due to the way Mozilla Firefox handles firstletter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious webpage. Successful exploitation could allow f...

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

A memory corruption vulnerability was reported in Mozilla Firefox, a popular Web browser developed by Mozilla Foundation. This flaw is due to the way Mozilla Firefox handles first-letter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a...

Debian DSA-2022-1 : mediawiki - several vulnerabilities

Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine. The following issues have been identified : - Insufficient input sanitization in the CSS validation code allows editors to display external images in wiki pages. This can be a privacy concern on public wikis as it...

[SECURITY] [DSA 2022-1] New mediawiki packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA-2022-1 [email protected] http://www.debian.org/security/ Nico Golde March 23th, 2010 http://www.debian.org/security/faq -...

Apple Saferi multiple vulnerabilities (Mar10)

The host is running Apple Saferi and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Apple Safari multiple vulnerabilities Mar10 Authors: Madhuri D Updated By: Antu Sanadi on 2010-18-2010 Added the CVE and...

DSA-2022-1 mediawiki - several vulnerabilities

Bulletin has no description...

Apple Safari Multiple Vulnerabilities (Mar 2010)

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

Mozilla Browser engine crashes

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...

Apple WebKit CSS run-in Attribute Rendering Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of...