WordPress MM Forms Community plugin <= 1.2.3 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress MM Forms Community plugin = 1.2.3 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/mm-forms-community.zip Version: 1.2.3 test...

WordPress Plugin MM Forms Community 1.2.3 - SQL Injection

Exploit Title: WordPress MM Forms Community plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- foreach $REQUEST as $key = $value $SQL="UPDATE wpcontactformsubmitdata SET value=".quoteString$value." WHERE fkformjoinerid='".$REQUEST'ID'."'...

WordPress MM Forms Community 1.2.3 SQL Injection

Exploit Title: WordPress MM Forms Community plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- foreach $REQUEST as $key = $value $SQL="UPDATE wpcontactformsubmitdata SET value=".quoteString$value." WHERE fkformjoinerid='".$REQUEST'ID'."'...

WordPress MM Forms Community Plugin <= 1.2.3 - SQL Injection

MM Forms Community plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...

WordPress MM Forms Community plugin <= 1.2.3 SQL Injection

Exploit for php platform in category web applications Exploit Title: WordPress MM Forms Community plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- foreach $REQUEST as $key = $value $SQL="UPDATE wpcontactformsubmitdata SET...

Mambo 4.6.5 CSRF Vuln (Change Admin Password)

Exploit for php platform in category web applications ===================================================================== . . . . | | ||/ | || | / / \ / /\ | | / | \ \ | |/ | \ / | || | // | / // | \ /\ | /|//|||| |\ | / /|| / Exploit-ID is the Exploit Information Disclosure Web :...

WordPress MM Forms Community File Upload

. . . . | | | / || \ \ | / | | / \ / | / \ / \ / \ / /| |\ \ / \ / \ / / \ / | / \ \ \ | || | / // | | | \ / \ \ | | / | | \ \ / // | \ / | | / |||| /\ | / || / \ / || /|| / \ / / \ | \ || / / / / / / / / / /...

CVE-2011-2547

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681...

Apple Safari 'AutoFill web forms'功能信息泄露漏洞

Bugtraq ID: 48839 CVE ID：CVE-2011-0217 Apple Safari是一款流行的WEB浏览器。 Safari浏览器的"AutoFill web forms"功能可填充不可见表单字段，在用户提交表单之前站上的脚本可访问这些信息。 Apple Safari 5.0.5 for Windows Apple Safari 5.0.5 Apple Safari 5.0.4 for Windows Apple Safari 5.0.4 Apple Safari 5.0.3 for Windows Apple Safari 5.0.3 Apple Safari 5.0...

OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities

Document Title: =============== OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities Release Date: ============= 2011-07-15 Vulnerability Laboratory ID VL-ID: ==================================== 101 Product & Service Introduction: =============================== One Click Folder Protecti...

OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities

Document Title: =============== OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities Release Date: ============= 2011-07-15 Vulnerability Laboratory ID VL-ID: ==================================== 101 Product & Service Introduction: =============================== One Click Folder Protecti...

SA-CONTRIB-2011-023 - Prepopulate - Multiple vulnerabilities

The Prepopulate module enables pre-populating forms in Drupal using the $REQUEST vairable. The module does not adequately validate user input leading to an cross-site scripting XSS possibility in certain circumstances. Users privileged to use forms with certain form fields can insert arbitrary HT...

Google Chrome < 11.0.696.57 Multiple Vulnerabilities (May 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-0067

CVE-2011-0067 affects Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14. It stems from improper autocompletion for forms, allowing a Java applet to spoof interaction with autocomplete controls to read form history entries. Mitigation in the connected documents sho...

CVE-2011-1456

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

Design/Logic Flaw

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

CVE-2011-1456

CVE-2011-1456 affects Google Chrome earlier than 11.0.696.57. The vulnerability arises from Chrome’s handling of PDF forms, allowing remote attackers to cause a denial of service or potentially other unspecified impact via vectors that lead to “stale pointers.” Exploitation details are not provid...

CVE-2011-1456

Removed by vendor...

CVE-2011-1456

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

CVE-2010-3260

oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...