UBUNTU-CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

Denial of service

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

Denial Of Service (DoS)

Apache poi is vulnerable to denial of service DoS attacks. Attackers can cause infinite loops, when parsing WMF, EMF, MSG and macro files. They can also cause Out-of-Memory OOM exceptions to occur when parsing DOC, PPT and XLS files...

eservice.gov.bd XSS vulnerability

Open Bug Bounty ID: OBB-442714 Description| Value ---|--- Affected Website:| eservice.gov.bd Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

CVE-2017-8279

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while updating msgmask information...

kernel: Exploitable memory corruption due to UFO to non-UFO path switch

An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ipufoappenddata when building an UFO packet with MSGMORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privilege...

kernel: Out of bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() in SCTP stack

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

msg-giron-santander.gov.co XSS vulnerability

Open Bug Bounty ID: OBB-271680 Description| Value ---|--- Affected Website:| msg-giron-santander.gov.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Joomla My MSG 3.2.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component My MSG v3.2.1 - SQL Injection Google Dork: N/A Date: 25.02.2017 Vendor Homepage: https://www.cmsplugin.com/ Software : https://www.cmsplugin.com/products/components/10-my-msg Demo:...

Joomla My MSG 3.2.1 SQL Injection

Exploit Title: Joomla! Component My MSG v3.2.1 - SQL Injection Google Dork: N/A Date: 25.02.2017 Vendor Homepage: https://www.cmsplugin.com/ Software : https://www.cmsplugin.com/products/components/10-my-msg Demo: http://extensions.cmsplugin.com/extensions/j3demo/my-msg Version: 3.2.1 Tested on:...

HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download

''' Exploit Title: HelpDeskZ fetchRow"SELECT , COUNTid AS total FROM ".TABLEPREFIX."attachments WHERE id=".$db-realescapestring$params2." AND ticketid=".$params0." AND msgid=".$params3; third argument AND msgid=".$params3; sent to fetchRow query with out any senitization Steps to reproduce:...

SQL Injection Vulnerability in VOA (Pengwei) System oid Parameters

Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system oid parameters exist SQL injection vulnerability, the vulnerability URL is...

Oracle Linux 7 : kernel (ELSA-2015-2152)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2152 advisory. - kernel Initialize msg/shm IPC objects before doing ipcaddid Lennert Buytenhek 1271507 CVE-2015-7613 - fs vfs: Test for and handle paths that are...

Cross site scripting

Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

Ebay Magento Bug Bounty #12 - CSRF MSG Vulnerability

Document Title: =============== Ebay Magento Bug Bounty 12 - CSRF MSG Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1526 View Video: https://www.youtube.com/watch?v=x7uaABfxxU0 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1460 EIBBP-31602...

CVE-2011-5297

Multiple cross-site scripting XSS vulnerabilities in TTChat 1.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the msg parameter to default.php or 2 the username parameter to chatform.php...

DayuCMS 1.525 /member/include/tag.class.php SQL注入漏洞

/member/include/member.class.phpfunction exists$field, $value return $this-db-fetchone"SELECT id FROM $this-table WHERE $this-table.$field='$value' LIMIT 0, 1"; 传入的$field和$value未经过过滤直接带入SQL语句中。 /member/include/msg.class.php function send$msgs global $userid,$username,$member;...

CVE-2014-4543

Multiple cross-site scripting XSS vulnerabilities in payper/payper.php in the Pay Per Media Player plugin 1.24 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 fcolor, 2 links, 3 stitle, 4 height, 5 width, 6 host, 7 bcolor, 8 msg, 9 id, or 10 size...

Cross site scripting

Cross-site scripting XSS vulnerability in oleggo-twitter/twitterloginform.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the msg parameter...