CVE-2011-2881

Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

CVE-2011-2881

CVE-2011-2881 corresponds to multiple vulnerability entries affecting Google Chrome before 14.0.835.202 . The issue stems from improper handling of Google V8 hidden objects , allowing a remote attacker to cause a denial of service via memory corruption (and possibly other impact). Public referenc...

CVE-2011-2998

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via JavaScript code containing a large RegExp expression...

Integer overflow

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via JavaScript code containing a large RegExp expression...

ProjectForum XSS vulnerability

Overview ProjectForum 7.0.1.3038 and possibly previous versions, are vulnerable to cross site scripting XSS. Description CourseForum's ProjectForum software fails to sanitize all input fields. As a result, cross site scripting XSS attacks can be conducted. By default, a non-credentialed user can...

ManageEngine ServiceDesk Plus <= 8.0 Build 8013 Authentication Bypass Vulnerability

ManageEngine ServiceDesk Plus is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Multiples Vulnerabilities in ManageEngine ServiceDesk Plus

Core Security - Corelabs Advisory 1. Advisory Information Title: Multiples Vulnerabilities in ManageEngine ServiceDesk Plus Advisory ID: CORE-2011-0506 Advisory URL: http://www.coresecurity.com/content/multiples-vulnerabilities-manageengine-sdp Date published: 2011-09-14 Date of last update:...

Multiple XSS.

PMASA-2011-14 Announcement-ID: PMASA-2011-14 Date: 2011-09-14 Summary Multiple XSS. Description Firstly, if a row contains javascript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities...

phpMyAdmin -- multiple XSS vulnerabilities

phpMyAdmin development team reports: Firstly, if a row contains javascript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities. Versions 3.4.0 to 3.4.4 were found vulnerable...

Joomla Simple File Lister 1.0 Directory Traversal

Exploit Title: Joomla Simple File Lister module = 1.0 Directory Traversal Vulnerability Google Dork: "Simple File Lister v1.0" "Files in directory" Date: 2011-08-28 Author: evilsocket evilsocket at gmail dot com Software Link:...

CVE-2011-2984

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering...

Nuclear-Blog v4. 0 message Board XSS vulnerability-vulnerability warning-the black bar safety net

In fact, this vulnerability, at the time the release of the Nuclear-Blog v4. 0 Source Code the day it was discovered, found that people are t00ls a core, and then I directly up, but the network disk download is still not up, so the current market for all Nuclear-Blog v4. 0 are the presence of thi...

HTB22979: Multiple XSS &#40;Cross Site Scripting&#41; vulnerabilities in Argyle Social

Vulnerability ID: HTB22979 Reference: http://www.htbridge.ch/advisory/multiplexsscrosssitescriptingvulnerabilitiesinargylesocial.html Product: Argyle Social Vendor: Argyle Social http://argylesocial.com/ Vulnerable Version: Current at 26/04/2011 Vendor Notification: 28 April 2011 Vulnerability...

PHP Directory Listing Script 3.1 Cross Site Scripting

Vulnerability ID: HTB22968 Reference: http://www.htbridge.ch/advisory/xssinphpdirectorylistingscript.html Product: PHP Directory Listing Script Vendor: http://www.evoluted.net http://www.evoluted.net Vulnerable Version: 3.1 Vendor Notification: 21 April 2011 Vulnerability Type: XSS Cross Site...

HTB22965: Multiple XSS vulnerabilities in BackupPC

Vulnerability ID: HTB22965 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinbackuppc.html Product: BackupPC Vendor: Craig Barratt http://backuppc.sourceforge.net/ Vulnerable Version: 3.1.0, perhaps 3.2.0 also vulnerable Vendor Notification: 14 April 2011 Vulnerability Type:...

phpGraphy 0.9.13b Cross Site Request Forgery / Cross Site Scripting

===================================== Vulnerability ID: HTB22959 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 1...

Snom IP Phone Web Interface Multiple Vulnerabilities

Exploit for hardware platform in category web applications / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: email protected...

Noahs Classifieds 5.0.4 - index.php Multiple HTML Injection Vulnerabilities

Noahs Classifieds 5.0.4 - index.php Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/47578/info Noah's Classifieds is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScrip...

HTB22956: XSS vulnerabilities in phpList

Vulnerability ID: HTB22956 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphplist.html Product: phpList Vendor: Tincan Ltd http://www.phplist.com/ Vulnerable Version: 2.10.13 and probably prior versions Vendor Notification: 12 April 2011 Vulnerability Type: XSS Risk level: Medium...

Snom IP Phone Web Interface XSS / Disclosure

/ / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] ----------------------------------- Snom IP Phone is vulnerable for a xss...