CVE-2025-58763

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. A command injection vulnerability in Tautulli v2.15.3 and prior allows attackers with administrative privileges to obtain remote code execution on the application server. This vulnerability requires the application to...

One client failed on installing CWA due to it failed detecting the Edge Webview2 installation

One client failed on installing CWA in an intranet environment due to it failed detecting the Edge Webview2 installation.Manually install Webview2 with full-blown installer again still can't fix this issue...

SUSE CVE-2006-2784

The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...

WPScan v2.9.4 - Black Box WordPress Vulnerability Scanner

WPScan is a black box WordPress vulnerability scanner. INSTALL WPScan comes pre-installed on the following Linux distributions: BackBox Linux Kali Linux Pentoo SamuraiWTF BlackArch On macOS WPScan is packaged by Homebrew as wpscan. Windows is not supported We suggest you use the official Docker...

Update Rollup 3 for System Center 2012 R2 Orchestrator

Update Rollup 3 for System Center 2012 R2 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Orchestrator. Additionally, this article contains the installation instructions for Update Rollup 3 for System Center 2012 R2...

Free Simple Software - SQL Injection

Free Simple Software - SQL Injection 'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION...

security flaw

The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...

security flaw

The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...

security flaw

The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...

PLUGINSPAGE privileged JavaScript execution II — Mozilla

Paul Nickerson reports that the fix for MFSA 2005-34 can be bypassed using nested javascript: URLs, again allowing the attacker to execute privileged code. The attacker must first convince the user to first click on the missing-plugin icon in the page or the "Install Missing Plugins..." button in...

firefox -- PLUGINSPAGE privileged javascript execution

A Mozilla Foundation Security Advisory reports: When a webpage requires a plugin that is not installed the user can click to launch the Plugin Finder Service PFS to find an appropriate plugin. If the service does not have an appropriate plugin the EMBED tag is checked for a PLUGINSPAGE attribute,...