Cetil Cross Site Scripting

Post Cross Site Scripting on Cetil - Demonstrativo de Pagamento de Salário + Date: 27/05/2014 + Risk: LOW + CWE number: CWE-79 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.cetil.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File:...

Apple Safari libxslt File Create

Added: 10/24/2011 CVE: CVE-2011-1774 BID: 48840 OSVDB: 74017 Background Safari is a web browser for Mac OS X and Windows. Problem Safari versions prior to 5.0.6 use unsafe security settings when implementing libxslt. An attacker may leverage this weakness by creating a web page that references a...

Microsoft Rich Textbox ActiveX control SaveFile vulnerability

Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...

Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2)

!/usr/bin/ruby cyrus-imapd pop3d exploit by bannedit 05/23/2006 This exploit takes advantage of a stack based overflow. Once the stack corruption has occured it is possible to overwrite a pointer which is later used for a memcpy this gives us a write anything anywhere condition similar to a forma...