141 matches found
Joomla yt_color YOOOtheme XSS and Cookie Stealing
No description provided by source. andresg888 Exploit Title : Joomla ytcolor YOOOtheme xss, cookie stealing Date : 2009-12-04 Author : andresg888 Software Link : http://www.yootheme.com/ Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R...
Mandriva Linux Security Advisory : php (MDVSA-2008:126)
A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...
Mandriva Update for php MDVSA-2008:127 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:126 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:126 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:127 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
CentOS Update for php CESA-2008:0544 centos3 x86_64
Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0544 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
social-sql.txt
HACKATTACK Advisory 2008-11-20Social Engine 2.7 CRLF Injection + SQL injection Details Product: Social Engine Security-Risk: moderate Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieira-Kurz of...
FlexCMS <= 2.5 Cross Site Scripting Vulnerability
---------------------------------------------------------------- Script : FlexCMS = 2.5 Type : Cross Site Scripting Vulnerability Alert : Low ---------------------------------------------------------------- Download From : http://www.flexcms.com/...
flexcms-xss.txt
---------------------------------------------------------------- Script : FlexCMS alertdocument.cookie Attacker can hijack admin cookie with this vulnerability .... Solution for patch : filter PreviousColorsString variable with htmlspecialchars function...
Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
---------------------------------------------------------------- Program : Xampp Linux 1.6.7 Type : Multiple Cross Site Scripting Vulnerabilities Alert : Medium ---------------------------------------------------------------- Download From :...
xampp-xss.txt
---------------------------------------------------------------- Program : Xampp Linux 1.6.7 Type : Multiple Cross Site Scripting Vulnerabilities Alert : Medium ---------------------------------------------------------------- Download From :...
mjguest68-xss.txt
---------------------------------------------------------------- Script : MJGuest 6.8 GT Type : Cross Site Scripting Vulnerability Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Our Team : IRCRASH My Official Website :...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)
It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...
USN-628-1: PHP vulnerabilities
It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...
php htmlentities/htmlspecialchars multibyte sequences
The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...
maranphp-xss.txt
---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...
php htmlentities/htmlspecialchars multibyte sequences
The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...
php htmlentities/htmlspecialchars multibyte sequences
The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...
php htmlentities/htmlspecialchars multibyte sequences
The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...