Уязвимости в теме The Gazette Edition для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме The Gazette Edition для WordPress. Это коммерческий шаблон для WP. XSS WASC-08:...

Live Wire 2.0 For WordPress Cross Site Scripting / Denial Of Service

Hello list! I want to warn you about Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities in Live Wire 2.0 and Live Wire Style themes for WordPress. These are another two themes which are a part of Live Wire series together with Live Wire Editio...

The Gazette Edition Cross Site Scripting

Hello list! I want to warn you about Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities in The Gazette Edition theme for WordPress. It's commercial theme for WP by WooThemes. ------------------------- Affected products: -----------------------...

Уязвимости в теме Live Wire Edition для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме Live Wire Edition для WordPress. Это коммерческий шаблон для WP. XSS WASC-08:...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Live Wire 2.3.1 XSS / Disclosure / Denial Of Service

Hello list! I want to warn you about Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities in Live Wire Edition theme for WordPress. It's commercial theme for WP by WooThemes. ------------------------- Affected products: -------------------------...

Fedora 14 : wordpress-3.1-1.fc14 (2011-3746)

In order to protect against two CVEs, I'm upgrading Wordpress in all releases to 3.1. In addition, this will obsolete wordpress-mu, since this functionality has been migrated to the main wordpress release as of wordpress 3.0, and wordpress-mu has been deprecated upstream. I would not normally mak...

Searching within restricted pages/spaces

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-22074. panel This is the issue reference:...

MC Content Manager 10.1.1 Cross Site Scripting

Hello list! I want to warn you about Cross-Site Scripting, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions o...

XSS, AoF и IAA уязвимости в MC Content Manager

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в системе MC Content Manager. Это украинская коммерческая CMS. XSS WASC-08: Уязвимости на страницах регистрации и восстановления пароля. http://websecurity.com.ua/uploads/2011/MC20Content20Manager20XSS.html...

(0Day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lotus Domino Server Controller. Authentication is not required to exploit this vulnerability. The flaw exists within the remote console functionality which listens by default on TCP port 2050. When...

Unfixed XSS vulnerability at www.southsoundchristian.org

Security researcher P0W3RFU7, has submitted on 14/03/2011 a cross-site-scripting XSS vulnerability affecting www.southsoundchristian.org, which at the time of submission ranked 3792048 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011...

CVE-2011-0167

The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site...

CVE-2011-1198

The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."...

CVE-2011-1198

The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."...

Out-of-bounds

The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."...

CVE-2011-1198

Removed by vendor...

CVE-2011-1198

The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."...

CVE-2011-1198

The CVE-2011-1198 entry concerns Google Chrome’s video functionality prior to version 10.0.648.127. The vulnerability arises from a malformed out-of-bounds structure which can be triggered by unspecified vectors, leading to a denial-of-service and possibly other unspecified impacts. The provided ...

Citrix Licensing Administration Console Security Bypass And Denial Of Service Vulnerabilities

This host is installed with Citrix Licensing Administration Console and is prone to security bypass and denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbcitrixlicensingadminconsolemultvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Citrix Licensing Administration Console Security...