19 matches found
XnView 1.99.1 JLS File Decompression Heap Overflow
SUMMARY XnView Formats PlugIn is prone to an overflow condition. The JLS Plugin xjpegls.dll library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent...
Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the...
hornbill supportworks SQL injection
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...
Hornbill Supportworks ITSM 1.0.0 - SQL Injection
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...
Hornbill Supportworks ITSM 1.0.0 SQL Injection
Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the vendor refused to give version...
Layton Helpbox 4.4.0 Stored Cross Site Scripting
Layton Helpbox 4.4.0 Embedded Cross-Site Scripting by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to an embedded cross-site scripting vulnerability. CVE number: CVE-2012-4972 Impact: Medium Vendor homepage: http://www.laytontechnology.com Vendor notifie...
Layton Helpbox 4.4.0 SQL Injection
Layton Helpbox 4.4.0 Multiple SQL Injection Points by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to multiple SQL injection vulnerabilities. CVE number: CVE-2012-4971 Impact: High Vendor homepage: http://www.laytontechnology.com Vendor notified:...
Layton Helpbox 4.4.0 Authorization Bypass
Layton Helpbox 4.4.0 Authorisation Bypass Vulnerability by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to an authorisation bypass vulnerability. CVE number: CVE-2012-4975 Impact: Medium Vendor homepage: http://www.laytontechnology.com Vendor notified:...
Layton Helpbox 4.4.0 Login Bypass
Layton Helpbox 4.4.0 Login Bypass Vulnerability by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to a login bypass vulnerability. CVE number: CVE-2012-4974 Impact: High Vendor homepage: http://www.laytontechnology.com Vendor notified: 10/09/2012 Vendor...
Layton Helpbox 4.4.0 Cross Site Scripting
Layton Helpbox 4.4.0 Reflected Cross-Site Scripting by Joseph Sheridan Summary Layton Technologies Helpbox product version 4.4.0 is vulnerable to a reflected cross-site scripting vulnerability. CVE number: CVE-2012-4972 Impact: Medium Vendor homepage: http://www.laytontechnology.com Vendor...
XnView JLS File Decompression Heap Overflow
XnView JLS File Decompression Heap Overflow Summary XnView Formats PlugIn is prone to an overflow condition. The JLS Plugin xjpegls.dll library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a...
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)
Toshiba ConfigFree CF7 File Stack Buffer Overflow ProfileName Summary There is a stack buffer overflow vulnerability in t...
Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field)
Toshiba ConfigFree CF7 File Stack Buffer Overflow Comment Field Summary There is a stack buffer overflow...
MF Gig Calendar Wordpress Plugin - Cross-Site Scripting
MF Gig Calendar Wordpress Plugin - Cross-Site Scripting Summary MF Gig Calendar 0.9.2 is subject to a cross-site scripting vulnerability. The value of a generic...
Microcart 1.0 Checkout Cross Site Scripting
Exploit for php platform in category web applications. Microcart 1.0 Checkout Cross-Site Scripting Security Vulnerability Summary Microcart 1.0 is...
WordPress MF Gig Calendar 0.9.2 Cross Site Scripting
Exploit for php platform in category web applications. MF Gig Calendar Wordpress Plugin - Cross-Site Scripting Summary MF Gig Calendar 0.9.2 is subject to a cross-site...
WordPress MF Gig Calendar 0.9.2 Cross Site Scripting
MF Gig Calendar Wordpress Plugin - Cross-Site Scripting Summary MF Gig Calendar 0.9.2 is subject to a cross-site scripting vulnerability. The value of a generic...
Wordpress Download Monitor 3.3.5.7 Cross Site Scripting
Wordpress Download Monitor - Download Page Cross-Site Scripting Summary Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...
Group-Office Calendar 4.0.88 SQL Injection Vulnerability
Exploit for php platform in category web applications. Group-Office Calendar SQL Injection Summary Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection...