335 matches found
regionalebronnenbank.nl XSS vulnerability
Vulnerable URL: http://www.regionalebronnenbank.nl/templates/mediaplayer.swf?file=http://content.bitsontherun.com/videos/bkaovAYt-364766.flv=falseℑ=http://appsec.ws/ExploitDB/cMon.jpg=true=javascript:confirm/openbugbounty/;//=blank&.swf Details: Description| Value ---|--- Patched:| No Latest chec...
food.com XSS vulnerability
Vulnerable URL: http://www.food.com/recipe/lemon-angel-cake-with-blueberry-sauce-164755?scaleto=6.0=x%22%3E%3CsvG%20onLoad=prompt%28%22OPENBUGBOUNTY%22%29%3E=us Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 19:30 GMT Vulnerability type:| XSS...
hectormalot.arsene76.fr XSS vulnerability
Vulnerable URL: http://hectormalot.arsene76.fr/sg.do Details: Description| Value ---|--- Patched:| Yes, at 02.03.2017 Latest check for patch:| 02.03.2017 12:18 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
schwab.com Open Redirect vulnerability
Vulnerable URL: http://www.schwab.com/redirect/?url=http://www.google.com/search?btnI=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 1133 VIP website status:| Yes Check...
java-1.7.0-openjdk security update
1:1.7.0.91-2.6.2.2.0.1 - Update DISTRONAME in specfile 1:1.7.0.91-2.6.2.2 - added and applied patch500 8072932or8074489.patch to fix tck failure - Resolves: rhbz1271919 1:1.7.0.91-2.6.2.1 - Bump to 2.6.2 and u91b00. - Resolves: rhbz1271919...
Piwigo vulnerable to SQL injection
Overview Piwigo is a software to manage and host image files on the web. Piwigo contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit
No description provided by source. !/usr/bin/perl PHPRecipeBook 2.36 Class: Remote File Include Vulnerability Date: 2006/10/16 Remote: Yes Type: Highly critical Vendor: http://phprecipebook.sourceforge.net/...
nginx 1.5.10 SPDY Memory Corruption
According to the self-reported version in the server response header, the installed nginx version is 1.5.10. It is, therefore, affected by a memory corruption vulnerability. A flaw exists with the SPDY module implementation, where worker process memory could be corrupted via a specially crafted...
cups security update
1:1.4.2-35:.1 - Applied patch to fix cupsd memory corruption vulnerability CVE-2010-2941, STR 3648, bug 624438...
JDK: XML parsing Denial-Of-Service (6845701)
Previously, a denial-of-service flaw was found in Java which allowed the creation of an inifinte loop in XML headers that would consume all CPU resources. This issue was patched and Java is no longer vulnerable to a denial-of-service flaw due to the initiation of an infinte loop by means of XML...
Important: cups security update
1.1.22-0.rc1.9.20.2:.5 - Prevented invalid memory accesses when a class and its singleton printer are timed out in the same sweep CVE-2008-0597, bug 433828. - Back-ported mimeDeleteType from 1.2.x CVE-2008-0596, bug 433828. 1.1.22-0.rc1.9.20.2:.4 - Prevent double-free when a browsed class has the...
PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit
No description provided by source. !/usr/bin/perl PHPRecipeBook 2.36 Class: Remote File Include Vulnerability Date: 2006/10/16 Remote: Yes Type: Highly critical Vendor: http://phprecipebook.sourceforge.net/...
Mandrake Linux Security Advisory : cdrecord (MDKSA-2003:058-1)
A vulnerability in cdrecord was discovered that can be used to obtain root access because Mandrake Linux ships with the cdrecord binary suid root and sgid cdwriter. Updated packages are provided that fix this vulnerability. You may also elect to remove the suid and sgid bits from cdrecord manuall...
Mandrake Linux Security Advisory : shadow-utils (MDKSA-2003:026)
The shadow-utils package contains the tool useradd, which is used to create or update new user information. When useradd creates an account, it would create it with improper permissions; instead of having it owned by the group mail, it would be owned by the user's primary group. If this is a shar...
MS00-091: Incomplete TCP/IP Packet Vulnerability (199346)
The hotfix for the 'incomplete TCP/IP packet' problem has not been applied. This vulnerability allows a user to prevent this host from communicating with the network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10563; scriptversion"1.46"; scriptcvsdate"Date:...