119 matches found
Microsoft Internet Explorer CDocument Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CElement::GetClassCacheArray Improper Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Siteman 1.1 User Database Privilege Escalation Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/12304/info Siteman is reported prone to a vulnerability that may allow users to gain elevated privileges. This issue results from insufficient sanitization of user-supplied data. Apparently, an attacker can supply...
NAS Uploader 1.0 & 1.5 - Remote File Upload Vulnerability
No description provided by source. | | NAS Uploader V1.0&1.5 Remote File Upload Vulnerability | | Author : ViRuSMaN | | Contact : [email protected] | | Home : Islam-Attack.CoM , HackTeach.OrG | | Download : http://www.nasuploader.com/nasuploaderv10packdemo.php |...
CVE-2014-1223 - Cross-site Scripting in Telligent Evolution
Vulnerability title: Cross-site Scripting in Telligent Evolution CVE: CVE-2014-1223 Vendor: Telligent Product: Evolution Affected version: 7.5.0.32466 Fixed version: 7.6.7.36651 Reported by: Jerzy Kramarz Details: It is possible for an attacker to inject JavaScript by manipulating the 'msg'...
OkCupid: XSS - okcupid.com
Go to your profile, and go to upload a photo. Add a random description to the photo and upload it. Now go to your photos and go to the latest uploaded photo to edit the description, and paste this : and click Save and you will see the XSS. Regards, Florin...
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability
Cisco uBR10000 Series Universal Broadband Routers contain a vulnerability that could allow an unauthenticated, adjacent attacker to trigger the reload of the routing engine on the affected device. An attacker could exploit this vulnerability by manipulating IPv4 and IPv6 address assignments on a...
Fedora Update for squashfs-tools FEDORA-2012-19203
Check for the Version of squashfs-tools OpenVAS Vulnerability Test Fedora Update for squashfs-tools FEDORA-2012-19203 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
[SECURITY] Fedora 16 Update: libjpeg-turbo-1.2.1-1.fc16
The libjpeg-turbo package contains a library of functions for manipulating JPEG images...
IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Render method expos...
Oracle Hyperion Financial Management Code Execution
Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...
Mozilla Firefox - Array.reduceRight() Integer Overflow (1)
Mozilla Firefox - Array.reduceRight Integer Overflow 1 Title: Mozilla Firefox Array.reduceRight Integer Overflow Exploit Date: 12 Oct 2011 Author: Matteo Memelli ryujin -AT- offensive-security.com CVE-2011-2371 Full exploit package:...
Manipulating the window can be used to spoof the page address
Web page scripts can be used to alter the size of the browser window. In some cases, this manipulation can cause the wrong part of the Web page address to be displayed in the Address Bar, so that the part that is initially visible to the user is not the start of the address, and may contain conte...
Java Mini Web Server <= 1.0 Path Traversal and Cross Site Scripting
Exploit for multiple platform in category remote exploits =================================================================== Java Mini Web Server | www.DigitalWhisper.co.il Software Link: http://www.jibble.org/miniwebserver/ Version: YOURXSSHEREWork?Index of %00"Work?Index of %00"Work? Work?...
[SECURITY] Fedora 11 Update: xerces-c27-2.7.0-8.fc11
Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...
Manipulating text input contents can allow execution of arbitrary code
Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code...
WIDER : Social Engineering
Social engineering Professional programming Sequential hack one. Introduction 2. social engineering 3. Extraction of information. Social engineering. Sequential hack. four. Finding and processing information. 5. Some ways to divorce people. 6. Human denial of service HDoS 7. Advanced methods...
Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)
Exploit for unknown platform in category web applications ==================================================================== Maxwebportal Gr33tz To == mhp0rtal , Oilkarchack , Str0ke & AlphaST.Com And Iranian Hacking & Security Teams : IHS , Shabgard , Emperor ,Crouz & Simorgh-ev use IO::Socket...