66 matches found

seebug.org
added 2014/07/01 12:0 a.m. | 10 views

Kayako ESupport 2.3 Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12868/info Kayako ESupport is prone to a cross-site scripting vulnerability. Multiple parameters of the 'index.php' script can be exploited to pass malicious HTML and script code to the application. This would occur in th...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 13 views

Mtp-Target Server 1.2.2 Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13463/info The Mtp-Target server is prone to a memory corruption vulnerability. The issue exists because a comparison fails to ensure that an integer value parameter retrieved from a client is signed. A check is made to...

AI score: 7.1
Exploits: 0

securityvulns
added 2013/10/09 12:0 a.m. | 26 views

Apple Motion Integer Overflow Vulnerability

Apple Motion Integer Overflow Vulnerability =========================================== Vendor: Apple http://www.apple.com Software: Motion 5.0.7 Testcase verified on: OS X 10.8 Credit: Jean Pascal Pereira [email protected] DESCRIPTION =========== An integer overflow vulnerability has been...

AI score: 0.9
Exploits: 0

0day.today
added 2013/10/08 12:0 a.m. | 36 views

Apple Motion 5.0.7 Integer Overflow Vulnerability

An integer overflow vulnerability has been identified in Apple Motion. The issue has been verified for Motion 5.0.7 current release. Prior versions may also be affected. An attacker has the possibility to provide a crafted .motn file containing a viewer element with a subview attribute. If the...

AI score: 6.9
Exploits: 0

Vulnerability Lab
added 2013/05/09 12:0 a.m. | 15 views

Barracuda Bug Bounty #9 CT - Cross Site Vulnerabilities

Document Title: =============== Barracuda Bug Bounty 9 CT - Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=577 Barracuda Networks Security ID: BNSEC-305 Release Date: ============= 2013-05-09 Vulnerability Laboratory ID VL-ID:...

Exploits: 0

Zero Day Initiative
added 2012/08/22 12:0 a.m. | 19 views

Oracle Outside In Excel File TxO Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of products utilizing Oracle's Outside In Technology. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the...

CVSS: 10 | AI score: 7.7
Exploits: 0 | References: 1

Packet Storm
added 2012/01/03 12:0 a.m. | 65 views

WordPress Comment Rating Cross Site Scripting / SQL Injection

Exploit Title: Wordpress comment rating plugin multiple Vulnerabilities Google Dork: 1- inurl:"/wp-content/plugins/comment-rating/" 2- inurl:"/ck-processkarma.php?id=" Date: 2/1/2012 Author: The Evil Thinker Contact : [email protected] Software Link: www.wordpress.com Vulnerable plugin: Comme...

AI score: 0.2
Exploits: 0

Zero Day Initiative
added 2010/11/10 12:0 a.m. | 27 views

Apple QuickTime m1s Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the quicktime.qtx. When...

CVSS: 9 | AI score: 9.1 | EPSS: 0.01058
Exploits: 0 | References: 2

OpenVAS
added 2009/07/31 12:0 a.m. | 27 views

KDE Konqueror Select Object Denial of Service Vulnerability

This host is installed with KDE Konqueror and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: secpodkdekonquerorselectdosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ KDE Konqueror Select Object Denial of Service Vulnerability Authors: Nikita MR Copyright c 2009 SecPod...

CVSS: 4.3 | AI score: 5.6 | EPSS: 0.03612
Exploits: 6 | References: 2

Prion
added 2009/07/28 7:30 p.m. | 12 views

Authentication flaw

index.php in Desi Short URL Script 1.0 allows remote attackers to bypass authentication by setting the logged cookie to 1 and the uid cookie to an integer value, as demonstrated by a value of 13...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.00821
Exploits: 0 | References: 1 | Affected Software: 1

UbuntuCve
added 2009/07/20 6:30 p.m. | 23 views

CVE-2009-2535

Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692...

CVSS: 5 | AI score: 5.9 | EPSS: 0.08242
Exploits: 5 | References: 2

Prion
added 2009/02/10 7:0 a.m. | 7 views

Authentication flaw

Whole Hog Ware Support 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.02382
Exploits: 1 | References: 4 | Affected Software: 1

Prion
added 2009/02/10 7:0 a.m. | 10 views

Authentication flaw

Whole Hog Password Protect: Enhanced 1.x allows remote attackers to bypass authentication and obtain administrative access via an integer value in the adminid cookie...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.02382
Exploits: 1 | References: 4 | Affected Software: 1

UbuntuCve
added 2008/12/09 12:30 a.m. | 16 views

CVE-2008-5396

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVSS: 7.2 | AI score: 5.9 | EPSS: 0.00043
Exploits: 1 | References: 1

Prion
added 2008/12/09 12:30 a.m. | 5 views

Design/Logic Flaw

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

CVSS: 7.2 | AI score: 6.2 | EPSS: 0.00043
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2008/12/09 12:0 a.m. | 17 views

CVE-2008-5396

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...

AI score: 5.8 | EPSS: 0.00043
Exploits: 1 | References: 5

Prion
added 2008/09/29 5:17 p.m. | 9 views

Design/Logic Flaw

A certain ActiveX control in the Microsoft Internet Authentication Service (IAS) Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service (browser crash) via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an...

CVSS: 5 | AI score: 7.1 | EPSS: 0.23156
Exploits: 0 | References: 3

Cvelist
added 2008/09/29 5:0 p.m. | 11 views

CVE-2008-4299

A certain ActiveX control in the Microsoft Internet Authentication Service (IAS) Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service (browser crash) via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an...

AI score: 6.6 | EPSS: 0.23156
Exploits: 0 | References: 3

NVD
added 2008/04/27 8:5 p.m. | 17 views

CVE-2008-1979

The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read...

CVSS: 5 | AI score: 6.7 | EPSS: 0.18322
Exploits: 1 | References: 7

NVD
added 2008/03/12 5:44 p.m. | 14 views

CVE-2008-1302

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...

CVSS: 5 | AI score: 6.8 | EPSS: 0.01243
Exploits: 0 | References: 8