integralis-hamburg.de Improper Access Control vulnerability OBB-3765570

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

File Sharing Wizard 1.5.0 Buffer Overflow

!/usr/bin/python http://www.sharing-file.net/ File Sharing Wizard Version 1.5.0 build on 26-8-2008 controlling EAX ESP points to our buffer buffer grows if we increase our string more details on http://www.s3cur1ty.de have fun m1k3 at m1k3 dot at import socket import sys if lensys.argv " sys.exit...

XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp

No description provided by source. - Description Windows Mobile shows message previews if configured to do so. Due to missing input \ validation the contents of a sms is not properly sanitized and interpreted as it is. \ This can lead to content injection and xss. - Example Send a sms with the...

XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp

------------------------------------------------------------------ XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp Date: 22.04.2010 ------------------------------------------------------------------- - Description Windows Mobile shows message previews if configured to do so. Due...

OXID eShop Enterprise: Session Fixation and XSS Vulnerabilities

No description provided by source. bugtraq logo Bugtraq mailing list archives By Date By Thread OXID eShop Enterprise: Session Fixation and XSS Vulnerabilities From: michael.mueller integralis com Date: Tue, 30 Mar 2010 00:13:28 -0600 --------------------------------------------- OXID eShop...

OXID eShop Enterprise: Session Fixation and XSS Vulnerabilities

--------------------------------------------- OXID eShop Enterprise Edition - Session Fixation Vulnerability - Stored Cross Site Scripting Vulnerability Date: 30.03.2010 --------------------------------------------- - Description OXID eShop EE is a widespread and popular CMS for online shops. The...

OXID eShop Enterprise Edition Cross Site Scripting / Session Fixation

--------------------------------------------- OXID eShop Enterprise Edition - Session Fixation Vulnerability - Stored Cross Site Scripting Vulnerability Date: 30.03.2010 --------------------------------------------- - Description OXID eShop EE is a widespread and popular CMS for online shops. The...

Easy Enterprise DMS Cross Site Scripting / Unauthorized Access

------------------------------------------------ Multiple Vulnerabilities in EASY Enterprise DMS - Stored XSS - XSS - Content Injection / Phishing through Frames - Unauthorized access to files - Unauthorized manipulation of data Date: 25.03.2010 ------------------------------------------------ EA...