226 matches found
manhattantowncenter.com Open Redirect vulnerability
Vulnerable URL: http://www.manhattantowncenter.com/go/forward.cfm?CameFrom=1=942=2137042137=https://www.xssposed.org/

Details:

Description | Value
---|---
Patched: | Yes, at 26.07.2017
Latest check for patch: | 26.07.2017 15:19 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly...
ais.at Open Redirect vulnerability
Vulnerable URL: http://www.ais.at/cfnews/forward.cfm?dest=https://www.xssposed.org/

Details:

Description | Value
---|---
Patched: | Yes, at 11.04.2016
Latest check for patch: | 11.04.2016 17:34 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa Rank | 1232978
Googl... |
investor.mbfinancial.com Open Redirect vulnerability
Vulnerable URL: http://investor.mbfinancial.com/PDFPageView.aspx?iid=102316=https://www.xssposed.org/

Details:

Description | Value
---|---
Patched: | Yes, at 16.03.2016
Latest check for patch: | 16.03.2016 04:28 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | Publicly disclosed
Alexa... |
catalog.ringside.com XSS vulnerability
Vulnerable URL: http://catalog.ringside.com:8081/webchat/email/offline-mail.jsp?workgroup=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Ran... |
jabber.fh-aachen.de XSS vulnerability
Vulnerable URL: https://jabber.fh-aachen.de:9091/webchat/email/offline-mail.jsp?workgroup=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Ran... |
mankatomncoc.wliinc15.com Open Redirect vulnerability
Vulnerable URL: https://mankatomncoc.wliinc15.com/external/wcpages/referral.aspx?ReferralType=W=4816=108=11=0=http://xssposed.org

Details:

Description | Value
---|---
Patched: | Yes, at 25.07.2017
Latest check for patch: | 25.07.2017 12:37 GMT
Vulnerability type: | Open Redirect
Vulnerability status: | ...
UBUNTU-CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196...
GNU patch directory traversal vulnerability
The GNU Coreutils are the basic file, shell and text manipulation tools used by the GNU operating system. GNU patch suffers from a directory traversal vulnerability due to the program failing to properly handle file input. This allows an attacker to conduct a directory traversal attack to overwri...
Squid 3.3.5 - Denial of Service (PoC)
Squid 3.3.5 - Denial of Service PoC Squid Crash PoC Copyright C Kingcope 2013 tested against squid-3.3.5 this seems to be the patch for the vulnerability: http://www.squid-cache.org/Versions/v3/3.3/squid-3.3.8.patch The squid-cache service will respawn, looks like a kind of assert exception:...
AIX 5.3 TL 5 : perl (IZ10244)
A buffer overflow vulnerability exists in the 'perl.rte' fileset. A remote attacker may execute arbitrary code if a Perl script executing on the system is listening on a network port. If exploited the attacker can execute arbitrary code with the same privileges as the script. For more details...
AIX 5.3 TL 8 : iostat (IZ21506)
The iostat command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable: /usr/bin/iostat.
Yahoo Mail XSS Vulnerability Could Affect Millions of Accounts
Security researcher Shahin Ramezany developed an XSS proof-of-concept exploit that he claims puts some 400 million Yahoo Mail users at risk of having their accounts taken over. In a video posted on YouTube last night, Ramezany demonstrated an exploit for what he claims is a document object...
GreenBrowser iframe Handling Double Free Vulnerability (Windows)
This host is installed with GreenBrowser and is prone to double free vulnerability. OpenVAS Vulnerability Test $Id: gbgreenbrowserdoublefreevulnwin.nasl 6022 2017-04-25 12:51:04Z teissa $ GreenBrowser iframe Handling Double Free Vulnerability Windows Authors: Rachana Shetty Copyright: Copyright c...
Every day buy: security risk from an uninitialized UC_KEY, and patch
Every day buy integrates the ucenter one-stop login API, but if UC_KEY is not initialized an attacker can log in to any account, or even operate on the credit card information. Detailed description: $get = $post = array; $code = @$GET'code'; //get the token parsestrauthcode$code, 'DECODE', UCKEY, $ge...
PT-2011-5171 · Gnu +1 · Mailman +1
Name of the Vulnerable Software and Affected Versions: Mailman (affected versions not specified). Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the config parameter in the...
AIX 530012 : U841209
The remote host is missing AIX PTF U841209, which is related to the security of the package devices.iscsisw.rte. You should install this PTF for your system to be up-to-date.
AIX 610004 : U841466
The remote host is missing AIX PTF U841466, which is related to the security of the package bos.sysmgt.servaid. You should install this PTF for your system to be up-to-date.
Oracle database CREATE_CHANGE_SET procedure SQL injection vulnerability and patch
Vulnerability description: Oracle is a large commercial database system. The Oracle database Change Data Capture components are provided in the DBMS_CDC_PUBLISH PL/SQL package; the package's CREATE_CHANGE_SET procedure contains SQL injection vulnerabilities. Malicious users can in a special parameter...
Fedora Update for openconnect FEDORA-2010-12253
Check for the Version of openconnect OpenVAS Vulnerability Test Fedora Update for openconnect FEDORA-2010-12253 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
[security bulletin] HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02290344 Version: 1 HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...