36 matches found
Mozilla Firefox Denial of Service Vulnerability (CNVD-2020-01142)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A denial of service vulnerability exists in Mozilla Firefox. It allows attackers to send specially constructed URLs that crash/hang a remote user's browser...
Mozilla Firefox Denial Of Service
Exploit Title: Mozilla Firefox 72 Denial of Service Date: 2/1/20 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://mozilla.org Software Link: https://firefox.com Version: 71.0 and below Tested on: Firefox 68.0, 69.0, 70.0, 71.0 Mozilla Firefox 72 Denial of Service ...
Tips for Successful Zero-Trust Implementation
The zero-trust concept is often and pithily summarized as “trust no one, verify everything.” No enterprise can stave off the myriad of cyberthreats as long as they assume that any individual element can be trusted as secure. No traffic, whether internal or external, can automatically be deemed...
i5KgPODid4AYSjd
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
NetIQ Access Manager Administration Console Cross-Site Scripting Vulnerability
NetIQ Access Manager NAM is a resource access control solution from NetIQ Corporation. The solution provides multiple authentication, data encryption, single sign-on and SSL VPN for local and remote users.Administration Console is one of the administration console programs. A cross-site scripting...
Selenium Server Unauthorized Access Vulnerability
Selenium is a tool for web application testing.Selenium tests run directly in the browser, just as a real user would do. Supported browsers include IE 7, 8, 9, 10, 11, Mozilla Firefox, Safari. Google Chrome, Opera, etc. An unauthorized access vulnerability exists in Selenium Server. A malicious...
Selenium Server 未授权访问漏洞
1.开篇 不知道大家在平日工作中有没有遇到过一些端口,使用浏览器打开是下面这样子的: 上图中我找了几个在不同端口下的例子。 2.Selenium-开源的自动化测试利器 本篇主要的主角-Selenium究竟是什么呢?有过QA经验或安全自动化测试经验的朋友应该知道,以下文字来自百度百科:Selenium1 是一个用于Web应用程序测试的工具。Selenium测试直接运行在浏览器中,就像真正的用户在操作一样。支持的浏览器包括IE(7, 8, 9, 10, 11),Mozilla Firefox,Safari,Google Chrome,Opera等。支持自动录制动作和自动生成...
g6LJ13AJmUiI3LV
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
1dr3WheuN0QMcPU
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
CVE-2017-1278
IBM DOORS Next Generation DNG/RRC 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756...
ultrascripts ultraboard 1.6 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations,...
ChillyCMS 1.1.3 - Multiple Vulnerabilities
ChillyCMS 1.1.3 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...
Xerver HTTP Server 4.32 - Arbitrary Source Code Disclosure
Xerver HTTP Server v4.32 Remote Arbitrary Source Code Disclosure Found By: DrIDE Download: http://www.javascript.nu/xerver Tested On: Windows XPSP3 - Description - Xerver v4.32 is a Windows based HTTP server. This is the latest version of the application available. Xerver v4.32 is vulnerable to...
OneCMS 2.4 Remote SQL Injection / Upload Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...
Mozilla Firefox < 1.5.0.1 Multiple Vulnerabilities
Binary data 3405.prm...
ultrascripts ultraboard 1.6 - Directory Traversal
source: https://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations, the file must reside on the same...