4524 matches found
JW Player 5.9 Cross Site Scripting / Content Spoofing
Hello list! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Player 5.9.2156 and 5.9.2206, except one vulnerability and...
JW Player 5.9 Cross Site Scripting / Content Spoofing
Exploit for multiple platform in category web applications Hello list! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Play...
EZEIP3. 0 multi-page upload validation vulnerability-vulnerability warning-the black bar safety net
Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page: http://www.XXX.com/...
PJBlog 3.2.9.518 getwebshell exploit-vulnerability warning-the black bar safety net
Author: do not go to the bell Version: PJblog 3.2.9.518(2012/5/9, When is the latest version The exploit conditions: 1, Using full static mode by default is a fully static mode 2, The user can post the default regular users can not post, so a little tasteless) Vulnerability description: PJblog...
CVE-2012-2400
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors...
EZEIP3. 0 multi-page upload validation vulnerability and fix-vulnerability warning-the black bar safety net
Modify the IE browser security settings, the modulation is the highest, however, prohibit the js execution. 2. Open the Modify upload Type page, add aspx type, click Save, and then open the upload page to upload There is a problem of the upload Type page:...
Search for a cms with php through the kill-vulnerability warning-the black bar safety net
Author: z2681 From: 90sec Vulnerability files to the admin directory adminloginstate.php Look at the code ifempty$COOKIE'SAdminID' echo "scriptwindow. location='adminlogin.php'/script"; exit; elseif$COOKIE'SLogin'!= md5$COOKIE'SAdminID'.$ COOKIE'SAdminUserName'.$ COOKIE'SAdminPassWord'.$...
Whois Cart Billing - Multiple Web Vulnerabilities
Document Title: =============== Whois Cart Billing - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=343 Release Date: ============= 2011-12-22 Vulnerability Laboratory ID VL-ID: ==================================== 343 Produ...
Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities
Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/JS payload, then a few seconds later redirect...
DEBIAN-CVE-2011-3646
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed jsframe parameter to phpmyadmin.css.php, which reveals the installation path in an error message...
OCS Inventory NG 2.0.1 Persistent XSS
Exploit for windows platform in category web applications OCS Inventory NG 2.0.1 - Persistent XSS CVE-2011-4024 ------------------------------------------------------- Software : Open Computer and Software OCS Inventory NG Download : http://www.ocsinventory-ng.org/ Discovered by : Nicolas DEROUET...
Virus removal website compromised to serving malware
Virus removal website compromised to serving malware One of the Famous Virus Removal Service website : laptopvirusrepair.co.uk is compromised and Hacker is Serving Malware on the website. In above screenshot Avira detects the JS/Blacole.psak Java script Virus hosted on the site. The snippet of co...
Virus removal website compromised to serving malware
Virus removal website compromised to serving malware One of the Famous Virus Removal Service website : laptopvirusrepair.co.uk is compromised and Hacker is Serving Malware on the website. In above screenshot Avira detects the JS/Blacole.psak Java script Virus hosted on the site. The snippet of co...
Fedora 15 : phpMyAdmin-3.4.4-1.fc15 (2011-11630)
Changes for 3.4.4.0 2011-08-24 : - parser SQL parser breaks AJAX requests if query has unclosed quotes - parser Invalid escape sequence in SQL parser - config $cfg'Export''asfile' set to false does not select as Text option - export Working SQL query exports error page - interface 'Create an inde...
PhpBB2 Custom Mass PM 1.4.7 Cross Site Scripting
No description provided by source. ^ Exploit title: PhpBB2 Module "Custom Mass PM" Cross Site Scripting Vulnerability ^ Author : Silic0n sciencemedia017Atyahoo.com ^ MOD Title: Custom mass PM ^ MOD Description: Add mass PM functionnality to group members or all forums members for authorized users...
WordPress Js-appointment plugin <= 1.5 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Js-appointment plugin = 1.5 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/js-appointment.1.5.zip Version: 1.5 tested Note:...
WordPress JS-Appointment 1.5 SQL Injection
Exploit Title: WordPress Js-appointment plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- if !empty$REQUEST'searchaction' switch$REQUEST'searchaction' case 'searchadv': requireoncePLUGINPATHALLBOOK."/libs/class.book.php"; $settings =...
WordPress Plugin Js-appointment 1.5 - SQL Injection
Exploit Title: WordPress Js-appointment plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- if !empty$REQUEST'searchaction' switch$REQUEST'searchaction' case 'searchadv': requireoncePLUGINPATHALLBOOK."/libs/class.book.php"; $settings =...
WordPress Js-Appointment Plugin <= 1.5 - SQL Injection
Js-Appointment plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...
WordPress Js-appointment plugin <= 1.5 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Js-appointment plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- if !empty$REQUEST'searchaction' switch$REQUEST'searchaction' case 'searchadv':...