10 matches found
[SECURITY] [DLA 3062-1] ublock-origin security update
Debian LTS Advisory DLA-3062-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 29, 2022 https://wiki.debian.org/LTS Package : ublock-origin Version : 1.42.0+dfsg-1deb9u1 CVE ID : CVE-2021-36773 Debian Bug : 991386 uBlock, a Firefox add-on and efficient ads,...
UBUNTU-CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
Rash CMS SQL Injection Vulnerability
No description provided by source. ========================================== Rash CMS SQL Injection Vulnerability ========================================== InformatioN Title : Rash CMS SQL Injection Vulnerability Author : keracker Vendor or Software Link : http://rashcms.com Email :...
phpMyAdmin preg_replace()远程PHP代码执行
BUGTRAQ ID: 59460 CVECAN ID: CVE-2013-3238 phpmyadmin是MySQL数据库的在线管理工具,主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。 phpMyAdmin 3.5.8、4.0.0-rc2及其他版本的pregreplace函数可被利用在服务器端执行任意PHP代码,攻击者用特制参数作为常规表达式,在此表达式内包含空字节,当phpMyAdmin使用"Replace table prefix"功能时,会错误地过滤传递到pregreplace的特制参数。导致在Web服务器上下文中执行任意PHP代码。 0...
Bypass SOPA (Stop Online Piracy Act) DNS Blocking with DeSopa 1.1
Bypass SOPA Stop Online Piracy Act DNS Blocking with DeSopa 1.1 A developer who calls himself T Rizk doesn't have much faith in Congress making the right decision on anti-piracy legislation, so he's built a work around for the impending censorship measures being considered DeSOPA. The Firefox...
IPfucK -- A Proxy tool for Firefox -- New Version
Having your IP address considered as private from a legal point of view, it is always interesting to increase your on-line privacy. Not only to hide your illegal activity indeed for most politicians and anti-fraud organizations, behind each surfers lives, but to just keep your personal informatio...
New Firefox add-on "Firesheep" - hijacks Facebook, Twitter sessions
A new Firefox add-on called "Firesheep," developed by Seattle-based freelance Web application developer Eric Butler, enables almost anyone to scan a Wi-Fi network and hijack others' access to popular services like Facebook, Twitter, and others. Butler unveiled Firesheep at the ToorCon security...
Mozilla Apologizes for Blaming Malware on Developers
Mozilla acknowledged that it had falsely accused a developer of infecting a Firefox add-on with attack code. The admission came a week after Mozilla announced that a pair of add-ons, Sothink Web Video Downloader 4.0 and Master Filer, had slipped through its security check-in. Read the full articl...
Firefox Add-on Spies on Google Search Results
Security researchers have intercepted a fake Flash Player update creating a Firefox add-on that spies on the user’s Google search results. The malicious Firefox extension, called “Adobe Flash Player 0.2,” injects ads into the user’s Google search results pages and even has the capability to monit...
MouseoverDictionary vulnerable to arbitrary script execution
Overview MouseoverDictionary, an add-on for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an arbitrary script. MouseoverDictionary, an add-on mouseover English-Japanese dictionary for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an...