100 matches found
Joomla Furniture Virtuemart Templates 1.5 SQL Injection
Exploit Title : Joomla Furniture Virtuemart Templates 1.5 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/02/2019 Vendor Homepage : ordasoft.com Software Download Link : ordasoft.com/download-furniture-joomla-virtuemart-template Software...
Browser Side-Channel Flaw De-Anonymizes Facebook Data
A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...
Web India Solutions CMS 2015 SQL Injection
Document Title: =============== Web India Solutions CMS 2015 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1495 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID: ====================================...
Web India Solutions CMS 2015 - SQL Injection Vulnerability
Document Title: =============== Web India Solutions CMS 2015 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1495 Release Date: ============= 2015-05-12 Vulnerability Laboratory ID VL-ID: ====================================...
Design/Logic Flaw
WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...
CVE-2009-1710
WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...
CVE-2009-1710
WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...
CVE-2009-1710
WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...
CVE-2009-1710
CVE-2009-1710 affects Apple Safari/WebKit prior to version 4.0. Q: What’s vulnerable? WebKit’s handling of a modified CSS3 hotspot property combined with a custom cursor can spoof the browser UI—host name, security indicators, and other UI elements. Impact: remote attackers could deceive users by...
security flaw
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
Mozilla Foundation Security Advisory 2007-04
Mozilla Foundation Security Advisory 2007-04 Title: Spoofing using custom cursor and CSS3 hotspot Impact: Low Announced: February 23, 2007 Reporter: David Eckel Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.2 Firefox 1.5.0.10 SeaMonkey 1.0.8 Description David Eckel reported that browser UI...
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
Code injection
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
CVE-2007-0779
CVE-2007-0779 concerns a GUI overlay spoofing flaw in SeaMonkey prior to 1.0.8 (and Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2) where a large, transparent cursor via CSS3 hotspot could spoof UI elements such as the hostname or security indicators. The vulnerability allows remote observe...
FreeBSD : mozilla -- multiple vulnerabilities (12bd6ecf-c430-11db-95c5-000c6ec775d9)
The Mozilla Foundation reports of multiple security issues in Firefox, SeaMonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. - MFSA 2007-08 onUnload + document.write memory corruption - MFSA 2007-07...
security flaw
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
mozilla -- multiple vulnerabilities
The Mozilla Foundation reports of multiple security issues in Firefox, Seamonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. MFSA 2007-08 onUnload + document.write memory corruption MFSA 2007-07 Embedded...
Spoofing using custom cursor and CSS3 hotspot — Mozilla
David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...