Firebug Cross Context Scripting

http://www.80vul.com/firefox/Firebug%20Firefox%20Extension%20Cross%20Context%20Scripting%20Vulnerability.htm Firebug Firefox Extension Cross Context Scripting Vulnerability Author: www.80vul.com Email:5up3rh3igmail.com 2011/06/18 - Public Disclosure Description 80vul.com discovered firebug that a...

DiscuzX1.5 门户管理权限SQL注入漏洞

source\include\portalcp\portalcparticle.php //90行 if$G''gpconver'' $converfiles = unserializestripcslashes$G''gpconver''; $setarr''pic'' = $converfiles''pic''; $setarr''thumb'' = $converfiles''thumb''; $setarr''remote'' = $converfiles''remote''; 可以看出变量 $converfiles 没有 addcslashes。 $aid =...

DiscuzX1.5 门户管理权限SQL注入漏洞

简要描述： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： DiscuzX1.5 门户管理权限SQL注入漏洞 详细说明： source\include\portalcp\portalcparticle.php //90行 if$G'gpconver' $converfiles = unserializestripcslashes$G'gpconver'; $setarr'pic' = $converfiles'pic'; $setarr'thumb' = $converfiles'thumb'; $setarr'remote' = $converfiles'remote';...

CentOS Update for firefox CESA-2010:0966 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 4 : firefox (CESA-2010:0966)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

firefox security update

CentOS Errata and Security Advisory CESA-2010:0966 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System...

SA-CONTRIB-2010-110 - Drupal For Firebug - Cross-site Request Forgery

The Drupal For Firebug module allows developers to use Firebug to get debugging information about their Drupal installation. The module does not properly protect the form used to submit PHP code against Cross-site Request Forgeries CSRF, allowing a malicious user to trick an authorized user into...

CVE-2010-3773

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

Design/Logic Flaw

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

CVE-2010-3773

CVE-2010-3773 affects Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11. The flaw involves the XMLHttpRequestSpy module in the Firebug add-on mishandling interaction between the XMLHttpRequestSpy object and chrome privileged objects, allowing remote attackers to e...

CVE-2010-3773

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

Mozilla incomplete fix for CVE-2010-0179 (MFSA 2010-82)

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

CVE-2010-3773

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability

No description provided by source. Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shell upload vulnerabilty...

Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability

Exploit for php platform in category web applications ============================================================= Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability ============================================================= Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell...

Joomla! Component com_mtree 2.1.5 - Arbitrary File Upload

Joomla! Component commtree 2.1.5 - Arbitrary File Upload Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shel...

Ubuntu: Security Advisory (USN-921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)

This patch updates Mozilla XULRunner 3.0 engine the 1.9.0.19 release. It includes also following security fixes: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed eviden...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0102-3)

This patch updates Mozilla Firefox to the 3.5.9 release. It includes the following security fixes: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory...

Mozilla Products Firebug Code Execution Vulnerability (Windows)

The host is installed with Mozilla Firefox/Seamonkey and is prone to code execution vulnerability OpenVAS Vulnerability Test $Id: gbmozillaprdtsfirebugcodeexecvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Firebug Code Execution Vulnerability Windows Authors: Madhuri D Copyright:...