CVE-2024-37901

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbitrary remote code execution by adding instances of XWiki.SearchSuggestConfig and XWiki.SearchSuggestSourceClass to their user profile or an...

Fairly serious vulnerability in vBulletin 2.2.0

This is my first report to bugtraq, I hope this is useful. This has been tested on vBulletin version 2.2.0. The vendor is CC'd on this message. I would imagine this applies to many products, not just the vbulletin, which I would like to say is more secure than most. ------------ The Exploit:...

nt4.trojaned.profiles.txt

Date: Wed, 28 Apr 1999 20:36:58 +0100 From: Mnemonix To: [email protected] Subject: NT Security Advisory: Domain user to Domain Admin - Profiles and the Registry Problem : NT users can cause other users of the system to load a "trojaned" profile that could lead to a system...