1410 matches found
CVE-2009-1669
The smartyfunctionmath function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information...
Memory corruption
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors involving 1 jsFindPropertyHelper, related to the definition...
Firefox 3 JavaScript engine crashes
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors involving 1 jsFindPropertyHelper, related to the definition...
irc-info NSE Script
Gathers information from an IRC server. It uses STATS, LUSERS, and other queries to obtain this information. Example Usage nmap -sV -sC Script Output 6665/tcp open irc | irc-info: | server: asimov.freenode.net | version: ircd-seven-1.1.320111112-b71671d1e846,charybdis-3.4-dev. asimov.freenode.net...
Unfixed XSS vulnerability at www.math-net.de
Security researcher xylitol, has submitted on 27/10/2008 a cross-site-scripting XSS vulnerability affecting www.math-net.de, which at the time of submission ranked 1890326 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/2009. It is...
Fedora 7 : perl-Imager-0.64-2.fc7 (2008-3920)
Thu Apr 24 2008 Steven Pritchard 0.64-2 - Rebuild. - Thu Apr 24 2008 Steven Pritchard 0.64-1 - Update to 0.64 CVE-2008-1928. - Add versioned Test::More BR. - Thu Mar 6 2008 Tom 'spot' Callaway - 0.62-3 - rebuild for new perl - Tue Feb 19 2008 Fedora Release Engineering - 0.62-2 - Autorebuild for...
Debian Security Advisory DSA 263-1 (netpbm-free)
The remote host is missing an update to netpbm-free announced via advisory DSA 263-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they are a legitimate user or an automaton. The challenge data is poorly obfuscate...
WordPress Plugin Peters Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass
WordPress Plugin Peters Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...
CVE-2008-0204
Multiple cross-site scripting XSS vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...
CVE-2008-0205
Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...
CVE-2008-0204
CVE-2008-0204 affects the WordPress plugin Math Comment Spam Protection (versions 2.1 and earlier). The vulnerability is multiple cross-site scripting (XSS) flaws in the file math-comment-spam-protection.php, exploitable via the parameters mcsp_opt_msg_no_answer or mcsp_opt_msg_wrong_answer in wp...
CVE-2008-0205
CVE-2008-0205 concerns the WordPress Math Comment Spam Protection plugin (version 2.1 and earlier). The vulnerability is a set of cross-site request forgery (CSRF) flaws in the file math-comment-spam-protection.php that let remote attackers perform administrator actions via the parameters mcsp_op...
CVE-2008-0205
Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Math Comment Spam Protection: Crossite scripting...
DEBIAN-CVE-2006-5443
Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Server WIMS before 3.60 allows remote attackers to modify unspecified data via unspecified vectors involving "variable rights."...
ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================ ASPPortal use IO::Socket; use Math::BigInt; if@ARGV != 3 usage; else exploit; sub header print "\n- NukedX Security Advisory Nr.2006-21\r\n"; print "- ASPPortal \r\n"; print "- -...
DEBIAN-CVE-2005-3165
Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...