EUVD-2015-8633

Malware in sbrugna...

Open Redirect

Overview typo3/cms is a free open source Content Management Framework. Affected versions of this package are vulnerable to Open Redirect via unspecified vectors. An attacker can embed Flash videos from external domains by exploiting the Flvplayer component. Remediation Upgrade typo3/cms to versio...

idub.csb.gov.tr XSS vulnerability

Vulnerable URL: http://idub.csb.gov.tr/flvplayer/player.swf?tracecall=promptopenbugbounty Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status...

TYPO3 Flvplayer Component Flash Embedding Vulnerability

TYPO3 is a free and open source content management system. flvplayer is one of the video player components. A security vulnerability exists in the Flvplayer component of TYPO3, which allows remote attackers to exploit the vulnerability to embed Flash videos from an external domain...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

Cross site scripting

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2015-8760

The CVE-2015-8760 issue affects TYPO3 6.2.x prior to 6.2.16, where the Flvplayer component can cause Cross-Site Flashing by embedding Flash videos from external domains via unspecified vectors. This vulnerability can allow remote attackers to load external media, with the impact described as pote...

TYPO3 is susceptible to Cross-Site Flashing

It has been discovered, that TYPO3 is susceptible to Cross-Site Flashing Component Type: TYPO3 CMS Release Date: December 15, 2015 Vulnerable subcomponent: Flvplayer Vulnerability Type: Affected Versions: Versions 6.2.0 to 6.2.15 Severity: Medium Suggested CVSS v2.0:...

Joomla HD FLV 2.1.0.1 SQL Injection

!/usr/bin/python Exploit Title : Joomla HD FLV 2.1.0.1 and below SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://www.hdflvplayer.net/ Software Link : http://www.hdflvplayer.net/downloadcount.php?pid=5 Dork google 1: inurl:/component/hdflvplayer/ Dork google 2:...

CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE

Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...

Vulnerabilities in multiple plugins for WordPress with GDD FLVPlayer

Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands web...

CS and XSS vulnerabilities in GDD FLVPlayer

Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in GDD FLVPlayer. ------------------------- Affected products: ------------------------- Vulnerable are GDD FLVPlayer v3.635 and previous versions. ------------------------- Affected vendors: -----------------------...

Vulnerabilities in multiple web applications with GDD FLVPlayer

Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I've wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands...

GDD FLVPlayer 3.635 Cross Site Scripting / Content Spoofing

Hello list! These are Content Spoofing and Cross-Site Scripting vulnerabilities in GDD FLVPlayer. ------------------------- Affected products: ------------------------- Vulnerable are GDD FLVPlayer v3.635 and previous versions. ------------------------- Affected vendors: -------------------------...

Moxiecode Image Manager 3.1.5 XSS / Content Spoofing / Disclosure

Hello list! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...

WordPress I Love It XSS / Content Spoofing / Path Disclosure

Hello list! These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities in I Love It theme for WordPress. This is commercial premium theme. ------------------------- Affected products: ------------------------- All versions of I Love It theme for WordPress. The theme...

TinyMCE / flvPlayer Cross Site Scripting / Disclosure

No description provided by source. I want to warn you about multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications and tens millions of web sites. These are Full path disclosure, Content Spoofing and Cross-Site Scripting vulnerabilities in TinyMCE CS and XSS are in...

Multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications

Hello 3APA3A! I want to warn you about multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications and tens millions of web sites. These are Full path disclosure, Content Spoofing and Cross-Site Scripting vulnerabilities in TinyMCE CS and XSS are in flvPlayer, which is...