5077 matches found
CVE-2012-6037
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4, and other versions including 1.2, allow remote attackers to inject arbitrary web script or HTML via a CSV header with "unknown fields," which are not properly handled in error messages in the 1...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4, and other versions including 1.2, allow remote attackers to inject arbitrary web script or HTML via a CSV header with "unknown fields," which are not properly handled in error messages in the 1...
CVE-2012-6037
CVE-2012-6037 affects Mahara installations vulnerable to cross-site scripting via a CSV header with “unknown fields” in error messages during bulk user, group, and group member uploads. Affected versions include Mahara 1.2 and 1.4.x before 1.4.5, and 1.5.x before 1.5.4. The root cause is improper...
Joomla Component com_fabrik File Upload Vulnerability
Exploit for php platform in category web applications. Joomla Component comFabrik Remote Shell Upload Vulnerability. Google Dork :...
ActiveFax (ActFax) 4.3 - Client Importer Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ActiveFax ActFax...
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ActiveFax ActFax...
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
This module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack-based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the CSV-formatted file. The module creates a .exp file that must be imported with ActiveFax...
CVE-2011-5141
Directory traversal vulnerability in exportcsv/exportcsvindex.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the module parameter in an exportpage action...
WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure
source: https://www.securityfocus.com/bid/53850/info The Email Newsletter plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to obtain sensitive information that may aid in...
WordPress Email Newsletter 8.0 Information Disclosure
Description : Wordpress Plugins - Email Newsletter Information Disclosure Vulnerability Version : 8.0 Link : http://wordpress.org/extend/plugins/email-newsletter/ Plugins : http://downloads.wordpress.org/plugin/email-newsletter.zip Date : 28-05-2012 Google Dork :...
Multi Gather Skype User Data Enumeration
This module will enumerate Skype account settings, contact list, call history, chat logs, file transfer history, and voicemail logs, saving all the data to CSV files for analysis. This module requires Metasploit: https://metasploit.com/download Current source:...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: fewhois, cagtables, additionalreports, generaldatadisplay, realty, dkdfeuserbelogin, tcfbconnect, dixeasylogin, ajadofacebook, facebook2t3, sociallogin2t3, kbeventboard, news Release Date: March 28, 2012 Please...
BigDump Importer v0.32b remote file upload
Exploit for php platform in category web applications. Exploit Title : BigDump Importer v0.32b RFU Date : 05-03-2012 Author : TeaM MosTa Version : ALL Dork :...
Hyper-V CSV Backup - Blue Screen
Challenge: During Hyper-V backup via CSV, a node in Hyper-V connected to the CSV shows a Blue Screen error and crashes. Cause: This is a known Microsoft error requiring updates. Solution: Apply the hotfixes mentioned in these articles to resolve this behavior. http://support.microsoft.com/kb/2494162...
[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.8-1.fc16
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
Patch 3 Release Notes for Veeam Backup & Replication 6.0.0.153
More Recent Version Available: Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version. Challenge: These are the issues resolved by Patch 3 for Veeam Backup version 6.0.0.153. All patches are cumulative so each below fix is contained in this patch...
Debian DSA-2338-1 : moodle - several vulnerabilities
Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning : - MSA-11-0020 Continue links in error messages can lead offsite - MSA-11-0024 reCAPTCHA images were being authenticated from an older server - MSA-11-0025 Gro...
DSA-2338-1 moodle - several
Bulletin has no description...