[SECURITY] Fedora 20 Update: mupdf-1.1-5.fc20

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

Eventum - Insecure File Permissions

Eventum - Insecure File Permissions source: https://www.securityfocus.com/bid/65186/info Eventum is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to reinstall vulnerable application. This may aid in further attacks. Eventum 2.3.4 is vulnerable; other...

Eventum - Insecure File Permissions

source: https://www.securityfocus.com/bid/65186/info Eventum is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to reinstall vulnerable application. This may aid in further attacks. Eventum 2.3.4 is vulnerable; other versions may also be affected. Following...

Cross-Site Scripting (XSS) in Komento Joomla Extension

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Komento Joomla Extension, which can be exploited to perform script insertion attacks. 1 Cross-Site Scripting XSS in Komento Joomla Extension: CVE-2014-0793 1.1 The vulnerability exists due to insufficient sanitisation of...

CVE-2013-5583

Cross-site scripting XSS vulnerability in libraries/idnaconvert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

phpcms multiple versions of the background holding shell vulnerability-vulnerability warning-the black bar safety net

Brief description: phpcms multiple versions of the background holding shell vulnerability. Detailed description: url rules with generated static can get the shell. Vulnerability proof: 1, the landing in the background." Extension"—"the URL rule Management"—"Add a rule" ! 2,“URL rule name”must be...

phpcms v9 arbitrary file read vulnerability exp-vulnerability warning-the black bar safety net

? php / PHPcms V9 arbitrary file read vulnerability Detection Tool @author the Return of the Blog: www.creturn.com Email: [email protected] Note that this app only to learn reference, shall not be used for illegal interactions Otherwise the consequences conceited, and I is independent of! /...

http-errors NSE Script

This script crawls through the website and returns any error pages. The script will return all pages sorted by error code that respond with an http code equal or above 400. To change this behaviour, please use the errcodes option. The script, by default, spiders and searches within forty pages. F...

Code injection

An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files...

CVE-2013-5025

An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files...

imacs CMS 0.3.0 Shell Upload

?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : imacs CMS Unrestricted File Upload Exploit Date...

[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8-1.fc18

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

JAOW 2.4.8 Cross Site Scripting

Script Name : JAOW 2.4.8 Version : 2.4.8 Bug Type : XSS vulnerability Found by : Metropolis Home : http://metropolis.fr.cr Discovered : 23/03/2013 Download app : http://www.jaow.net/uploads/jaow2.4.8.zip Google search : Propulsé par Jaow 2.4.8 - PoC : http://target/path/addons.php?addons=Xss...

Petite Annonce 1 Cross Site Scripting

Script Name : SCRIPT PETITE ANNONCE v1 Version : v1 Bug Type : XSS vulnerability Found by : Metropolis Home : http://metropolis.fr.cr Discovered : 14/03/2013 Download app : http://www.script-php-petite-annonce.com/achat.html Google search : inurl:/annonce/moteur-prix.php?categoriemoteur= PoC :...

ClipShare 4.1.4 - Multiple Vulnerabilities

===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software License: Commercial. Vulns: Blind SQl injection && Plaintext Password...

ClipShare 4.1.4 SQL Injection / Plaintext Password Vulnerabilities

ClipShare version 4.1.4 suffers from remote blind SQL injection and plaintext password vulnerabilities. ===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software...

AdaptCMS 2.0.4 - config.php?question SQL Injection

AdaptCMS 2.0.4 - config.php?question SQL Injection Exploit Title: AdaptCMS = 2.0.4 SQL Injection vulnerability Date: 26/10/2012 Exploit Author: Kallimero Vendor Homepage: http://www.adaptcms.com/ Software Link: http://www.insanevisions.com/page/3/Downloads/ Version: 2.0.4 Tested on: Debian...

quota security and bug fix update

1:3.13-8.0.1 - Add ocfs2 support Orabug: 14208111 1:3.13-8 - Fix CVE-2012-3417 incorrect use of tcpwrappers Resolves: 841448 1:3.13-7 - Fix parsing numeric arguments of setquota Resolves: 831520 1:3.13-6 - Do not use real domains in warnquota example Resolves: 680429 - Use /proc/mounts for...

Fedora 16 : php-pear-CAS-1.3.2-1.fc16 (2012-21122)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

. net file upload vulnerability in the code example and solution-vulnerability warning-the black bar safety net

At this point in the test when stripped down the code and some lost, and only a patch solution. We make do and see. Something very simple. string str = filename. Substringfilename. LastIndexOf"." + 1, 3; if str == "png" || str == "gif" || str == "jpg" || str == "jpeg" || str == "PNG" || str ==...