3801 matches found
Frog CMS 0.9.5 Multiple CSRF Vulnerabilities
Exploit for php platform in category web applications. Frog CMS 0.9.5 Multiple CSRF Vulnerabilities. Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download:...
Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities
Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download: http://www.madebyfrog.com/public/download/files/frog095.tar.gz --- -= CSRF PoC 1 - Create Admin User =- Frog CMS 0.9.5 Multiple CSRF...
Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities
Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download: http://www.madebyfrog.com/public/download/files/frog095.tar.gz --- -= CSRF PoC 1 - Create Admin User =- Frog CMS 0.9.5 Multiple CSRF Vulnerabilities - Create Admin User -= CSRF PoC 2 - Delete User =- img...
[SECURITY] Fedora 12 Update: python-mako-0.3.4-1.fc12
Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Mako's syntax and API borrows from the best ideas of many others, including Django templates, Cheetah, Myghty, and Genshi. Conceptually, Mako is an...
Debian DSA-2064-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0183 'wushi' discovered that incorrect pointer handling in the frame processing code could...
Joomla Component com_jejob SQL Injection Vulnerability
Exploit for php platform in category web applications. Joomla Component com_jejob SQL Injection Vulnerability ...
linux/x86-64 Disable ASLR Security 143 bytes
Exploit for linux/x86-64 platform in category shellcode. linux/x86-64 Disable ASLR Security 143 bytes. Title: Linux/x86-64 - Disable ASLR Security - 143 bytes Date: 2010-06-17 Tested: Archlinux x86_64 k2.6.33...
CVE-2010-1397
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection...
EUVD-2010-1425
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection...
CVE-2010-1397
CVE-2010-1397 is a use-after-free in WebKit used by Safari (and related WebKit deployments) that can allow remote code execution or a crash through a layout-change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in an unspecified container. Affected: Safari before 5.0 ...
Hotel Resort Site Script with OnLine Reservation System - SQL Injection
Hotel Resort Site Script with OnLine Reservation System - SQL Injection Author: L0rd CrusAd3r aka VSN Exploit Title: Hotel / Resort Site Script with OnLine Reservation System SQLi Vulnerable Published: 2010-06-08 Vendor url: http://www.mformula.com.br Greetz to:Sid3^effects,...
Mozilla Falls Short on Firefox ASLR Implementation
Like Apple’s Safari, the open-source Mozilla Firefox browser does not properly implement ASLR, a key anti-exploit mitigation that can limit the damage from hacker attacks. Nils, the U.K.-based researcher who compromised a Windows machine running Firefox for the second year in a row told me it’s...
DSA-2027-1 xulrunner - several vulnerabilities
Bulletin has no description...
CVE-2010-0167
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors...
CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803...
Virtual PC Hypervisor - Memory Protection
Virtual PC Hypervisor - Memory Protection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection...
Directory traversal
Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. (dot dot) in the layout parameter...
Debian Security Advisory DSA 1999-1 (xulrunner)
The remote host is missing an update to xulrunner announced via advisory DSA 1999-1. OpenVAS Vulnerability Test $Id: deb19991.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 1999-1 (xulrunner) Authors: Thomas Reinke Copyright: Copyright (c) 2010 E-Soft Inc...
Mozilla Firefox Layout Frame Constructor Memory Corruption (CVE-2007-5959)
Firefox is an open source web browser developed by Mozilla Foundation. The application is capable of interpreting and rendering many types of Internet content, including various versions of HTML, XML, CSS (Cascade Style Sheet), Javascript, various graphic formats, and so on. Firefox is made availab...