7425 matches found
WordPress Developer Formatter Cross Site Request Forgery
==================================================================================================================== Exploit Title: Wordpress Developer Formatter CSRF Vulnerability Date: 21/01/13 Author: Junaid Hussain - illSecure Research Group - Contact: [email protected] | Website:...
Oracle Application Framework - Diagnostic Mode Bypass
Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected: 11.5.10.2, 12.0.6, 12.1.3 Product description: The Oracle...
[SECURITY] Fedora 18 Update: drupal6-ctools-1.10-1.fc18
This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pa ges. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it...
Compartment mismatch with quickstubs returned values — Mozilla
Mozilla developer Boris Zbarsky reported reported a problem where jsval-returning quickstubs fail to wrap their return values, causing a compartment mismatch. This mismatch can cause garbage collection to occur incorrectly and lead to a potentially exploitable crash...
Faux, Hacked Apps Continue to Litter Google Play Marketplace, Developer Alleges
Phony, potentially malicious apps are continuing to make their way into Google’s Play marketplace, triggering debate over whether applications are being properly vetted for adhering to the company’s marketplace policies. Developers at the Root Uninstaller Team have called out another app publishe...
Simple Web Server 2.3-rc1 - Directory Traversal
Simple Web Server 2.3-rc1 - Directory Traversal Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested on: Windows...
Persistent XSS vulnerability in WP-UserOnline
Hello 3APA3A! in 2010 I've disclosed multiple vulnerabilities Cross-Site Scripting and Full path disclosure in WordPress plugin WP-UserOnline http://securityvulns.ru/Ydocument162.html, http://seclists.org/fulldisclosure/2010/Jul/8. And recently I've disclosed the exploit for persistent XSS...
Developer expelled by Google Play Store on posting Malicious Android apps
Google Play Developer Console enables developers to easily publish and distribute their applications directly to users of Android-compatible phones. Recently someone posted on Reddit that a developer is trying to spread malware by masquerading infected programs as legitimate software. The account...
Developer expelled by Google Play Store on posting Malicious Android apps
Google Play Developer Console enables developers to easily publish and distribute their applications directly to users of Android-compatible phones. Recently someone posted on Reddit that a developer is trying to spread malware by masquerading infected programs as legitimate software. The account...
IBM Rational Developer for System z Information Disclosure Vulnerability (Windows)
This host is installed with IBM Rational Developer for System z and is prone information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbibmrationaldeveforsystemzinfodiscvulnwin.nasl 5366 2017-02-20 13:55:38Z cfi $ IBM Rational Developer for System z Information Disclosure Vulnerabili...
portable-phpMyAdmin(WordPress plugin authentication bypass-vulnerability warning-the black bar safety net
Part1. Description portable-phpMyAdmin is Wordpress a plug-in, direct access to plug-ins when there are no validation Wordpress session and permissions. Since this plugin has quite a lot of management functions, without a custom over the portable-phpMyAdmin plugin provides a full phpMyAdmin conso...
IBM Rational Developer for System z Information Disclosure Vulnerability - Windows
IBM Rational Developer for System z is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
IBM RBD Web Services Information Disclosure Vulnerability (Windows)
This host is installed with IBM Rational Business Developer and is prone information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbibmrationalbusideveloperinfodiscvulnwin.nasl 5366 2017-02-20 13:55:38Z cfi $ IBM RBD Web Services Information Disclosure Vulnerability Windows Authors:...
IBM RBD Web Services Information Disclosure Vulnerability - Windows
IBM Rational Business Developer is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
JVN#18731696: Welcart vulnerable to cross-site scripting
Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the management page of Welcart. Solution Update the software Update to the latest version according to the...
[SECURITY] Fedora 17 Update: drupal6-ctools-1.10-1.fc17
This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pa ges. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it...
CVE-2012-4862
The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly store the SSL certificate password, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2012-4862
The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly store the SSL certificate password, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2012-4862
CVE-2012-4862 concerns the IBM Rational Developer for System z product family (versions 7.1 through 8.5.1). The issue is an information disclosure where the Host Connect emulator does not properly store the SSL certificate password, enabling local users to obtain sensitive information through uns...
[SECURITY] Fedora 16 Update: android-tools-20121120git3ddc005-1.fc16
The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...