15 matches found
ASB-A-246301995
In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
vBulletin 4.0.8 PL1 XSS Filter Bypass within Profile Customization
No description provided by source. Exploit Title: vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization Google Dork: Powered by vBulletin Version 4.0.8 -vBulletin.com is now powered by Date: 20th November 2010 Author: MaXe Software Link: Commercial software. Version: 4.0.8 PL1...
vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization
vBulletin - XSS Filter Bypass within Profile Customization Versions Affected: 4.0.8 PL1 3.8. is not vulnerable. Info: Content publishing, search, security, and more - vBulletin has it all. Whether it's available features, support, or ease-of-use, vBulletin offers the most for your money. Learn mo...
vBulletin 4.0.8 PL1 Cross Site Scripting Filter Bypass
vBulletin - XSS Filter Bypass within Profile Customization Versions Affected: 4.0.8 PL1 3.8. is not vulnerable. Info: Content publishing, search, security, and more - vBulletin has it all. Whether it's available features, support, or ease-of-use, vBulletin offers the most for your money. Learn mo...
vBulletin 4.0.8 PL1 XSS Filter Bypass within Profile Customization
Exploit for php platform in category web applications ================================================================== vBulletin 4.0.8 PL1 XSS Filter Bypass within Profile Customization ================================================================== Exploit Title: vBulletin 4.0.8 PL1 - XSS...
vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization
vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization Exploit Title: vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization Google Dork: "Powered by vBulletin Version 4.0.8" -"vBulletin.com is now powered by" Date: 20th November 2010 Author: MaXe...
vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization
Exploit Title: vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization Google Dork: "Powered by vBulletin Version 4.0.8" -"vBulletin.com is now powered by" Date: 20th November 2010 Author: MaXe Software Link: Commercial software. Version: 4.0.8 PL1 Screenshot: See attachment. Tested...
vBulletin 4.0.8 - Persistent XSS via Profile Customization
vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing, search, security, and more— vBulletin has it all. Whether it’s available features, support, or ease-of-use, vBulletin offers the most for your money...
vBulletin Profile Customization功能HTML注入漏洞
BUGTRAQ ID: 44873 vBulletin是一款开放源代码的PHP论坛程序。 vBulletin的Profile Customization功能中存在持续性跨站脚本漏洞。在配置文件的自定义字段,可以输入颜色代码、rgb代码和图形。由于url函数没有正确的过滤用户输入,导致vBulletin受跨站脚本攻击的影响。 VBulletin 4.0.8 厂商补丁: VBulletin --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.vbulletin.com/ url/scriptimg...
vBulletin 4.0.8 - Persistent XSS via Profile Customization
Exploit for php platform in category web applications ========================================================== vBulletin 4.0.8 - Persistent XSS via Profile Customization ========================================================== Body: vBulletin - Persistent Cross Site Scripting via Profile...
vBulletin 4.0.8 - Persistent XSS via Profile Customization
No description provided by source. Title: vBulletin 4.0.8 - Persistent XSS via Profile Customization Body: vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing, search, security, and more— vBulletin has i...
vBulletin 4.0.8 - Persistent Cross-Site Scripting via Profile Customization
vBulletin 4.0.8 - Persistent Cross-Site Scripting via Profile Customization Title: vBulletin 4.0.8 - Persistent XSS via Profile Customization Body: vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing,...
vBulletin 4.0.8 - Persistent Cross-Site Scripting via Profile Customization
Title: vBulletin 4.0.8 - Persistent XSS via Profile Customization Body: vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing, search, security, and more— vBulletin has it all. Whether it’s available...
vBulletin 4.0.8 Cross Site Scripting
vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing, search, security, and more vBulletin has it all. Whether its available features, support, or ease-of-use, vBulletin offers the most for your money...
2daybiz Network Community Script SQL Injection / XSS Vulnerability
Exploit for php platform in category web applications ================================================================== 2daybiz Network Community Script SQL Injection / XSS Vulnerability ==================================================================...