3107 matches found
Mozilla Thunderbird Multiple Vulnerabilities (Nov 2008) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Acc PHP eMail 1.1Insecure Cookie Handling Vulnerability
No description provided by source. / / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap :Acc PHP eMail v1.1 Insecure Cookie Handling Script :...
Acc Statistics 1.1 - Insecure Cookie Handling
/ / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap : AccStatistics v1.1 Insecure Cookie Handling Script : http://www.accscripts.com/accstatistics.html...
absolutelive-cookie.txt
| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By: Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Live Support see script http://www.xigla.com/absolutelsnet/demo.htm Greetz...
absoluteform-cookie.txt
| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Form Processor see script http://www.xigla.com/absolutefpnet/demo.htm Team : EgY...
Absolute Form Processor 4.0 - Insecure Cookie Handling
| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Form Processor see script http://www.xigla.com/absolutefpnet/demo.htm Team : EgY...
Mozilla Seamonkey Multiple Vulnerability July-08 (Windows)
The host is installed with Mozilla Seamonkey, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Seamonkey Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...
webshell431-xssxsrf.txt
======================================================================= . .. | | / / | | | | / \ / / /\ / / \ | | | / / \ /\ \| | / // / /\ \ / / / // http://www.lowsec.org ========================================================================...
Google Chrome回车远程拒绝服务漏洞
BUGTRAQ ID: 31375 CNCAN ID:CNCAN-2008092512 Google Chrome是一款GOOGLE公司开发的WEB浏览器。 Google Chrome处理回车输入存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 当回车\r\n\r\n作为参数传递给window.open函数时,可导致Google Chrome在同一时间中生成大量窗口而导致内存耗竭。构建恶意WEB页,诱使用户访问,可导致应用程序崩溃。 Google Chrome 0.2.149 30 Google Chrome 0.2.149 29 Google Chrome 0.2.149 ...
Design/Logic Flaw
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors...
Critical: Red Hat Security Advisory: firefox security update
An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the...
Gentoo Security Advisory GLSA 200507-24 (mozilla)
The remote host is missing updates announced in advisory GLSA 200507-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
BOM characters, low surrogates stripped from JavaScript before execution — Mozilla
Microsoft developer Dave Reed reported that certain BOM characters are stripped from JavaScript code before it is executed. This can lead to code, which would otherwise be treated as part of a quoted string, to be executed. The issue could potentially be used by an attacker to bypass or evade...
XSS in RSS feed creation
URL http://localhost:8080/dashboard/doconfigurerssfeed.action The RSS feed creation process is vulnerable to XSS attacks. It is possible to inject javascript code into the page by changing the types field to: types="alertdocument.cookie complete example from the testenvironment:...
XSS in RSS feed creation
URL http://localhost:8080/dashboard/doconfigurerssfeed.action The RSS feed creation process is vulnerable to XSS attacks. It is possible to inject javascript code into the page by changing the types field to: types="alertdocument.cookie complete example from the testenvironment:...
Chrome script loading from fastload file — Mozilla
Mozilla security researcher mozbugra4 reported that when non-privileged XUL documents include scripts from chrome: URIs used in the browser it was possible to take advantage of the privilege level stored in the pre-compiled "fastload" file. This could allow an attacker to run arbitrary JavaScript...
visualsentinel-cas.txt
VisualSentinel 0.7 Cross Agent Scripting Discovered by: Alfredo Panzera, Opencosmo Security Software vendor: http://www.opencosmo.com Date: 31-05-2008 Vulnerability: The vulnerability consists on inject javascript code falsify the user agent's attacker during an attack and then save in the log th...
VisualSentinel 0.7 Cross Agent Scripting Vulnerability
VisualSentinel 0.7 Cross Agent Scripting Discovered by: Alfredo Panzera, Opencosmo Security Software vendor: http://www.opencosmo.com Date: 31-05-2008 Vulnerability: The vulnerability consists on inject javascript code falsify the user agent's attacker during an attack and then save in the log th...
eCMS 0.4.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/29304/info eCMS is prone to multiple security vulnerabilities, including a security-bypass issue and an SQL-injection issue. Exploiting these issues may allow an attacker to bypass certain security restrictions and gain unauthorized access to the...
Multi-Page Comment System 1.1.0 Insecure Cookie Handling Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Multi-Page Comment System 1.1.0 Insecure Cookie Handling +==-- --==+================================================================================+==-- Discovered...