613 matches found
Fedora 17 : moodle-2.2.3-1.fc17 (2012-8284)
CVE-2012-2353 MSA-12-0024: Hidden information access issue CVE-2012-2354 MSA-12-0025: Personal communication access issue CVE-2012-2355 MSA-12-0026: Quiz capability issue CVE-2012-2356 MSA-12-0027: Question bank capability issues CVE-2012-2357 MSA-12-0028: Insecure authentication issue...
OSQA vulnerable to cross-site scripting
Overview OSQA The Open Source Q system contains a cross-site scripting vulnerability. OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Kousuke Ebihara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...
CVE-2012-1464
Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party informatio...
Miley Cyrus Needs A Lecture on Cyber Security
Miley Cyrus Needs A Lecture on Cyber Security The man, who is currently facing up to 121 years behind bars, has been charged with 26 counts of identity theft, wire-tapping and unauthorised access to protected computer.Chaney, who has been in contact with TMZ for the last two years, has contacted...
CVE-2011-0051
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...
CVE-2011-0051
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...
CVE-2011-0051
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges...
Question And Answer Forum 1.2.4 Cross Site Scripting
Vulnerability ID: HTB22861 Reference: http://www.htbridge.ch/advisory/xssinquestionandanswerforumwordpressplugin.html Product: Question and Answer Forum wordpress plugin Vendor: David Woodford hhttp://trevorpythag.co.uk Vulnerable Version: 1.2.4 Vendor Notification: 15 February 2011 Vulnerability...
Cross-site Scripting (XSS) Vulnerability in Question and Answer Forum
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Question and Answer Forum WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Question and Answer Forum The vulnerability exists due to input...
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...
Security feature bypass
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...
CVE-2010-4213
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data...
Windows MessageBox
Spawns a dialog via MessageBox using a customizable title, text & icon This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 231 include Msf::Payload::Windows include Msf::Payload::Singl...
Cross site scripting
Cross-site scripting XSS vulnerability in the twbkwbis.PSecurityQuestion aka Change Security Question page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field...
oask question Answering System v2. 0 0day-vulnerability warning-the black bar safety net
Post a oask question and answer system 0day latest version http://127.0.0.1/admin/index.asp The background configuration file, in the Administrator's mailbox of written word a"%%eval request"a"'...
CVE-2010-0614
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the 1 question action, and possibly the 2 subpar or 3 numquest actions...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in staff/index.php in Kayako SupportSuite 3.60.04 and earlier allow remote authenticated users to inject arbitrary web script or HTML via the 1 subject parameter and 2 contents parameter aka body in an insertquestion action. NOTE: some of these...
CVE-2008-7171
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
CVE-2008-7171
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...