ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities

No description provided by source. / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title...

wordpress 3.0.3 - Stored XSS (ie7,6 ns8.1)

No description provided by source. Exploit Title: Wordpress 3.0.3 stored XSS IE7,6 NS8.1 Date: 27 december 2010 Author: Saif Software Link:wordpress.org Version: 3.0.3 Tested on: IE 6 a stored XSS vulnerability using CSS styles affecting users surfing the malicious post using IE6, IE7, NS 8.1 POC...

MS Internet Explorer "mshtml.dll" CSS Parsing Buffer Overflow

No description provided by source. / Taken from http://www.securiteam.com/exploits/5NP042KF5A.html The exploit will create a .CSS file that should be included in an HTML file. When a user loads the HTML file, Internet Explorer will try to parse the CSS and will trigger the buffer overflow. /...

Active Calendar 1.2 data/m_2.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Active Calendar 1.2 data/m_3.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/7745/info P-Synch does not adequately filter HTML code from URL parameters, making it prone to cross-site scripting attacks. Code will be executed in the security context of the system running P-Synch. This may enable a...

Minify4Joomla Upload and Persistent XSS Vulnerability

No description provided by source. ======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent XSS Vulnerability Date : july 9,2010 Critical Level :...

WebSiteSniffer v1.41 - Captures all Web site files downloaded by your Web browser while browsing the Internet

WebSiteSniffer is a packet sniffer tool that captures all Web site files downloaded by your Web browser while browsing the Internet, and stores them on your hard drive under the base folder that you choose. WebSiteSniffer allows you to choose which type of Web site files will be captured: HTML...

openSUSE Security Update : chromium (openSUSE-SU-2014:0243-1)

Chromium was updated to version 32.0.1700.102: Stable channel update : - Security Fixes : - CVE-2013-6649: Use-after-free in SVG images - CVE-2013-6650: Memory corruption in V8 - and 12 other fixes - Other : - Mouse Pointer disappears after exiting full-screen mode - Drag and drop files into...

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:0344-1)

phpMyAdmin was updated to 4.1.8 to fix bugs, security issues and also bring new features. Fixed security issue : - PMASA-2014-1 CVE-2014-1879, CWE-661 CWE-79 - update to 4.1.8 2014-02-22 - sf4276 Login loop on session expiry - sf4249 Incorrect number of result rows for SQL with subqueries - sf427...

openSUSE Security Update : opera (openSUSE-SU-2010:0370-1)

Opera was upgraded to the 10.60 release. It brings lots of new features, bugfixes and security fixes. Security fixes include: CVE-2010-0653: Opera permits cross-origin loading of CSS style sheets even when the style sheet download has an incorrect MIME type and the style sheet document is...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-2779)

This update brings Mozilla XULRunner to the 1.9.1.11 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show...

Microsoft Internet Explorer CSS Out-Of-Bounds Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Respondly: Full Path Disclosure

"code":500,"error":"Failed to render CSS stylesheet.","file":"/assets/packages/app/shared/css/","message":"ENOENT, open '/srv/www/respondly/releases/20140421220734/marketingbundle/programs/server/assets/packages/app/shared/css/" Request ------------ GET /css/shared/%22ns=%22alert9 HTTP/1.1...

Microsoft Internet Explorer CSS Table Handling Memory Corruption (MS10-090; CVE-2010-3962)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

(Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CSS...

AppFish Offline Coder 2.2 Persistent Script Insertion

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-08 Vulnerability Laboratory ID VL-ID:...

AppFish Offline Coder v2.2 iOS - Persistent Vulnerability

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-07 Vulnerability Laboratory ID VL-ID: ====================================...

Microsoft Internet Explorer Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

visibility: visible undoes visibility: hidden

If you set an element to display: none the browser ignores all of its children, if a child sets itself to display: block it will remain hidden. This isn't true of visibility. Serious? Serious. html.show-only-the-button visibility: hidden; html.show-only-the-button .the-button visibility: visible;...