8132 matches found
CVE-2014-1727
Use-after-free vulnerability in content/renderer/rendererwebcolorchooserimpl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms...
Design/Logic Flaw
Use-after-free vulnerability in content/renderer/rendererwebcolorchooserimpl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms...
CVE-2014-1727
Use-after-free vulnerability in content/renderer/rendererwebcolorchooserimpl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms...
CVE-2014-1727
Removed by vendor...
CVE-2014-1727
Use-after-free vulnerability in content/renderer/rendererwebcolorchooserimpl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms...
Oracle Forms and Reports 代码执行漏洞
No description provided by source...
Kloxo 6.1.18 Stable - Cross-Site Request Forgery
Exploit Title :Kloxo 6.1.18 Stable CSRF Vulnerability Vendor Homepage :http://lxcenter.org/software/kloxo Version :6.1.18 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/12/2014 CVE :N/A Kloxo formerly known as Lxadmin is a fre...
Kloxo-MR 6.5.0 - Cross-Site Request Forgery
Kloxo-MR 6.5.0 - Cross-Site Request Forgery Exploit Title :Kloxo-MR 6.5.0 CSRF Vulnerability Vendor Homepage :https://github.com/mustafaramadhan/kloxo/tree/dev Version :Kloxo-MR 6.5.0.f-2014020301 Tested on :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com...
IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow - Ver2 (CVE-2013-5447)
A buffer overflow vulnerability has been reported in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Domain Technologie Control DTC before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 message body of a support ticket or unspecified vectors to the 2 DNS and 3 MX form, as demonstrated by the "Domain ro...
GNU Emacs: Multiple vulnerabilities
Background GNU Emacs is a highly extensible and customizable text editor. Description Multiple vulnerabilities have been discovered in GNU Emacs: When ‘global-ede-mode’ is enabled, EDE in Emacs automatically loads a Project.ede file from the project directory CVE-2012-0035. When...
CVE-2013-4193
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...
PYSEC-2014-57
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...
PYSEC-2014-57
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...
CVE-2013-4193
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...
CVE-2014-2236
Multiple cross-site scripting XSS vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 tag or 2 user search forms...
[Havij 1.17] Automated and Advanced SQL Injection
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software, user can perform back-end database fingerprinting, retrieve DBMS login names and...
Oracle Forms and Reports - Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class Metasploit3 'Oracle Forms and Reports Remote Code Execution', 'Description' = %q This module uses two vulnerabilities in Oracle form...
Oracle Forms / Reports Remote Code Execution Exploit
This Metasploit module uses two vulnerabilities in Oracle forms and reports to get remote code execution on the host. The showenv url can be used to disclose information about a server. A second vulnerability that allows arbitrary reading and writing to the host filesystem can then be used to wri...
IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow (CVE-2013-5447)
A stack buffer overflow vulnerability exists in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. A remote attacker can exploit this vulnerability by enticing a user to download and process a specially...