2 matches found
Ajax File And Image Manager 1.1 Code Execution
----------------------------------------------------------- PT-2013-41 Positive Technologies Security Advisory Arbitrary Code Execution in Ajax File and Image Manager ----------------------------------------------------------- --- Vulnerable software Ajax File and Image Manager Version: 1.1 and...
PT-2013-63: Hash Length Extension in HTMLPurifier
The specialists of the Positive Research center have detected a vulnerability in HTMLPurifier that allows attackers to carry out a "Hash Length Extension" attack.. Class HTMLPurifierURIFilterMunge implements a URI filter that replaces all links with a formatted URL, for example, it can be used to...