5776 matches found
CVE-2010-4091
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption,...
firefox/thunderbird/seamonkey: crashes with evidence of memory corruption (MFSA 2010-11)
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors...
PHP and ASP upload vulnerability exploit-vulnerability warning-the black bar safety net
1 pass exploit the principles just for the form format of the upload of asp and php scripts ncnetcat For the submission packet the dos interface to run under: nc-vv www.. com 8 01.txt -vv: echo 8 0: the www port 1.txt: is your data packet to be transmitted use of more methods, please check this...
CVE-2008-7216
Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip...
WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution
WordPress Plugin WP-Syntax. Exploit database separated by exploit type (local, remote, DoS, etc.). Discovered by: Inj3ct0r. Site: Inj3ct0r.com...
Discuz! Underworld career plugin injection vulnerability-vulnerability warning-the black bar safety net
Plugin version: 2.2 2.5 Register a forum ID IE submit the following code blackband. php? mode=yule&action=enjoy&id=2 and 1=2 union select 1,0x2D312C67726F757069643D312C61646d696e69643d31,3,4/ Promoted to administrator discuz7. 0. 0 background to give webshell method If it is discuz6. 0 the...
Java WebStart allows hidden code privilege escalation
Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF an...
XStandard Lite Plugin for Joomla! X_CMS_LIBRARY_PATH Header Directory Traversal
The version of Joomla! running on the remote host is distributed with a WYSIWYG editor plugin known as XStandard Lite. This plugin is affected by an information disclosure vulnerability in the attachmentlibrary.php script due to improper sanitization of user-supplied input to the X_CMS_LIBRARY_PATH...
wpforum-sql.txt
remote sql injection exploit -::DESCRIPTION== WordPress forum plugin by Fredrik Fahlstad. Version: 1.7.4. exploit: 1+union+select+null,concatuserlogin,0x2f,userpass,0x2f,useremail,null,null,null,null,null+from+wpusers where id=1/ wptbvusers google: Fredrik Fahlstad. Version: 1.7.4. author websec...
CVE-2007-5229
Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurnerFeedSmithPlugin.php, as demonstrated by the ...
security flaw
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...
Mozilla Foundation Security Advisory 2006-68
Mozilla Foundation Security Advisory 2006-68 Title: Crashes with evidence of memory corruption rv:1.8.0.9/1.8.1.1 Impact: Critical Announced: December 19, 2006 Reporter: Mozilla Developers Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.1 Firefox 1.5.0.9 Thunderbird 1.5.0.9...
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-comments-post.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19209/info JD-WordPress for Joomla is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and...
CVE-2005-3591
Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an...
OS2A-1001.txt
OS2A ePing Arbitrary File Creation/Command Execution Vulnerability OS2A ID: OS2A1001 Status Published: 08/04/2005 Updated : 08/05/2005 Patch Released Class: File Creation/Command Execution Severity: CRITICAL Overview: ePing is a ping utility plugin for e107, a PHP-based content management system...