Fedora Core 11 FEDORA-2009-10329 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyrig...
Fedora 11 : python-markdown2-1.0.1.15-1.fc11 (2009-10329)
Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30: Fix a possible XSS via JavaScript injection in a carefully crafted image reference (usage of double-quotes in the URL). - Issue 29: Fix security hole in the md5-hashing scheme for handlin...
Palm Pre WebOS <=1.1 Remote File Access Vulnerability
I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm WebOS 1.2 patch information can be...
Palm Pre WebOS <=1.1 Remote File Access Vulnerability
No description provided by source. I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm...
Palm Pre WebOS 1.1 - Remote File Access
I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm WebOS 1.2 patch information can be...
Palm Pre WebOS 1.1 - Remote File Access
Palm Pre WebOS 1.1 - Remote File Access I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+...
Google Chrome < 3.0.195.21 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 3.0.195.21. Such versions are reportedly affected by multiple issues: - Google Chrome's inbuilt RSS/ATOM reader renders untrusted JavaScript in an RSS/ATOM feed. Provided a victim connects to an RSS/ATOM feed link controlle...
Update Protection against Joomla! HTTP Header Script Injection
Joomla! is a content management system (CMS) designed for building Web sites and online applications. Joomla! fails to parse HTTP headers, allowing an attacker to inject JavaScript or DHTML code that can be executed in the context of a target user's browser...
eWebEditor 3.8 (PHP version) vulnerability
The PHP version's admin backend calls ../ewebeditor/admin/config.php; look at the source code and you will see. Here I describe how to use it: 1. First, of course, find the backend login page; the default is ../eWebEditor/admin/login.php. Once at the backend, enter any username and password; of course, it will show an error,...
Joomla! 1.5.10 JA_Purity Cross Site Scripting
INTERNET SECURITY AUDITORS ALERT 2009-006 - Original release date: April 5th, 2009 - Last revised: June 5th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.4/10 CVSS Base Score. I. VULNERABILITY...
Tutorial Share 3.5.0 Insecure Cookie
Tutorial Share 3.4 Insecure Cookie Handling Vulnerability. Author: Evil-Cod3r Home: Creativexploit.com Contact: [email protected] & [email protected] Software: Tutorial...
Steam Cross Site Scripting
STEAM - Phishing and Cross-site Scripting. APP: STEAM - Valve Software - STEAM - Valve Software - Vulnerability Discovery: Gabriel Lima - http://www.falandodeseguranca.com in Portuguese...
Symantec Log Viewer JavaScript Injection Vulnerabilities
SUMMARY The Log Viewer feature in some Symantec products contains two parsing errors which could be exploited through Java script injection. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Norton 360 | 1.0 | Run LiveUpdate in Interactive Mode Norton Internet Security | 2005 through 200...
NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability
Exploit for unknown platform in category web applications. NovaBoard alertdocument.cookie you can also send the user cookie to another site Non-persistent XSS:...
Novaboard 1.0.1 - Cross-Site Scripting
Novaboard 1.0.1 - Cross-Site Scripting. NovaBoard eNYe-Sec - www.enye-sec.org -- About the program by the author's page -- NovaBoard is a free, feature rich community message board software written in PHP & MySQL that allows you to set up your own forum withi...
NovaBoard 1.0.1 Cross Site Scripting
NovaBoard eNYe-Sec - www.enye-sec.org -- About the program by the author's page -- NovaBoard is a free, feature rich community message board software written in PHP & MySQL that allows you to set up your own forum within minutes. With a smart modules feature...
OptusHuawei E960 HSDPA Router - Sms Cross-Site Scripting
OptusHuawei E960 HSDPA Router - Sms Cross-Site Scripting XSS Attack using SMS to Optus/Huawei E960 HSDPA Router Synopsis -------- Huawei E960 HSDPA Router firmware version 246.11.04.11.110sp04 is vulnerable to XSS attack using SMS. One of the feature of this router is the ability to send and...
Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing
Author: Xianur0 BBCode of the smf not filtered properly specified urls: centersize=14pturl=javascript:alert'xss'Saltando Filtro :D.../url/size...
Flatnuke 3 Cookie Grabber Exploit
titolo" name="name" type="text" / Immagine File -- "alert69%3B...
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerability
Exploit for unknown platform in category web applications. Openfire Server <= 3.6.0a Auth Bypass/SQL/XSS Multiple Vulnerabilities. Advisory: Openfire Serv...