ALPINE-CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

Code injection

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

UBUNTU-CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

atmail email server appliance 6.4 - Stored XSS - csrf - rce

No description provided by source. Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail administrative interface open, we can call a remote JavaScript file that will...

ManageEngine OpUtils 6.0 - Stored XSS

No description provided by source. Author: loneferret of Offensive Security Product: ManageEngine OpUtils Version: 6 Vendor Site: http://www.manageengine.com Software Download: http://www.manageengine.com/products/oputils/download.html Software Description:...

CVE-2013-2086

The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file...

Cross site request forgery (csrf)

The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file...

UBUNTU-CVE-2013-2086

The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file...

CVE-2013-2086

The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file...

CVE-2013-6797

Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...

CVE-2013-6797

Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...

Server: CSRF token leakage

The configuration loader in ownCloud 5.0.x before 5.0.6 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

CVE-2012-1579

The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information...

Cross site request forgery (csrf)

The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information...

op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities

op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities Author: loneferret of Offensive Security Product: op5 Monitoring VM appliance Version: 5.4.2 Vendor Site: http://www.op5.com/ Software Download: http://www.op5.com/get-op5-monitor/get-started/ Software Description: op5 is a market...

ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting

Author: loneferret of Offensive Security Product: ManageEngine OpUtils Version: 6 Vendor Site: http://www.manageengine.com Software Download: http://www.manageengine.com/products/oputils/download.html Software Description: http://www.manageengine.com/products/oputils/oputils.html The toolset can ...

AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting Cross-Site Request Forgery Remote Code Execution

AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting Cross-Site Request Forgery Remote Code Execution Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail...