Goople CMS 1.7 - Arbitrary Code Execution

-============================================- Autore: x0r - Evolution Team Msn: [email protected] Cms: Goople Cms 1.7 Bug: Arbitrary File Creation Download: http://ovh.dl.sourceforge.net/sourceforge/gooplecms/GoopleCMS1.7.rar -============================================- Exploit: Attack One...

Mozilla Seamonkey Multiple Vulnerabilities November-08 (Windows)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnnov08win.nasl 5375 2017-02-20 16:39:23Z cfi $ Mozilla Seamonkey Multiple Vulnerabilities November-08 Windows Authors: Chandan S Copyright: Copyright c 2008...

Mozilla Thunderbird Multiple Vulnerabilities (Nov 2008) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Seamonkey Multiple Vulnerabilities (Nov 2008) - Linux

Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Multiple Vulnerabilities November-08 (Linux)

The host is installed with Mozilla Firefox browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnnov08lin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Mozilla Firefox Multiple Vulnerabilities November-08 Linux Authors: Chandan S Copyright: Copyright c 200...

Mozilla Thunderbird Multiple Vulnerabilities (Nov 2008) - Linux

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Acc PHP eMail 1.1Insecure Cookie Handling Vulnerability

No description provided by source. / / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap :Acc PHP eMail v1.1 Insecure Cookie Handling Script :...

Acc Statistics 1.1 - Insecure Cookie Handling

/ / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap : AccStatistics v1.1 Insecure Cookie Handling Script : http://www.accscripts.com/accstatistics.html...

absolutelive-cookie.txt

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Discovered By: Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Live Support see script http://www.xigla.com/absolutelsnet/demo.htm Greetz...

absoluteform-cookie.txt

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Form Processor see script http://www.xigla.com/absolutefpnet/demo.htm Team : EgY...

Absolute Form Processor 4.0 - Insecure Cookie Handling

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure Cookie Handling script : Absolute Form Processor see script http://www.xigla.com/absolutefpnet/demo.htm Team : EgY...

Mozilla Seamonkey Multiple Vulnerability July-08 (Windows)

The host is installed with Mozilla Seamonkey, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Seamonkey Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...

webshell431-xssxsrf.txt

======================================================================= . .. | | / / | | | | / \ / / /\ / / \ | | | / / \ /\ \| | / // / /\ \ / / / // http://www.lowsec.org ========================================================================...

Google Chrome回车远程拒绝服务漏洞

BUGTRAQ ID: 31375 CNCAN ID：CNCAN-2008092512 Google Chrome是一款GOOGLE公司开发的WEB浏览器。 Google Chrome处理回车输入存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 当回车\r\n\r\n作为参数传递给window.open函数时，可导致Google Chrome在同一时间中生成大量窗口而导致内存耗竭。构建恶意WEB页，诱使用户访问，可导致应用程序崩溃。 Google Chrome 0.2.149 30 Google Chrome 0.2.149 29 Google Chrome 0.2.149 ...

Design/Logic Flaw

The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors...

Critical: Red Hat Security Advisory: firefox security update

An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the...

Gentoo Security Advisory GLSA 200507-24 (mozilla)

The remote host is missing updates announced in advisory GLSA 200507-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200504-18 (Mozilla)

The remote host is missing updates announced in advisory GLSA 200504-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BOM characters, low surrogates stripped from JavaScript before execution — Mozilla

Microsoft developer Dave Reed reported that certain BOM characters are stripped from JavaScript code before it is executed. This can lead to code, which would otherwise be treated as part of a quoted string, to be executed. The issue could potentially be used by an attacker to bypass or evade...

XSS in RSS feed creation

URL http://localhost:8080/dashboard/doconfigurerssfeed.action The RSS feed creation process is vulnerable to XSS attacks. It is possible to inject javascript code into the page by changing the types field to: types="alertdocument.cookie complete example from the testenvironment:...