49 matches found
Oracle GlassFish Server - REST Cross-Site Request Forgery
Details Vendor Site: Oracle www.oracle.com Date: April, 19th 2012 – CVE 2012-0550 Affected Software: Oracle GlassFish Server 3.1.1 build 12 Researcher: Roberto Suggi Liverani PDF version: http://www.security-assessment.com/files/documents/advisory/OracleGlassFishServerRESTCSRF.pdf Description...
Opera 11.51 - Use-After-Free Crash (PoC)
Opera 11.51 - Use-After-Free Crash PoC Exploit Title: Opera Use After Free - Crash PoC Date: 20 October 2011 Author: Roberto Suggi Liverani Software Link: www.opera.com Version: 11.51 and previous versions Tested on: Windows XP and Windows 7 CVE : n/a Link:...
Oracle WebLogic - POST Session Fixation
Name Oracle WebLogic – Session Fixation Via HTTP POST Request Vendor Website http://www.oracle.com/ Date Released 11 March 2011 – CVE-2010-4437 Affected Software Oracle WebLogic Server 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3 Researcher Roberto Suggi Liverani Description Oracle WebLogic servlet...
Mozilla Foundation Security Advisory 2011-08
Mozilla Foundation Security Advisory 2011-08 Title: ParanoidFragmentSink allows javascript: URLs in chrome documents Impact: Moderate Announced: March 1, 2011 Reporter: Roberto Suggi Liverani Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.14 Firefox 3.5.17 Thunderbird 3.1.8...
XSS vulnerability in Auto CMS
Vulnerability ID: HTB22564 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinautocms.html Product: Auto CMS Vendor: Roberto Aleman http://ventics.com/autocms/ Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerability Type: XSS Cross Site...
Auto CMS 1.6 Cross Site Scripting
Vulnerability ID: HTB22564 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinautocms.html Product: Auto CMS Vendor: Roberto Aleman http://ventics.com/autocms/ Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerability Type: XSS Cross Site...
Auto CMS 1.6 - autocms.php Cross-Site Scripting
Auto CMS 1.6 - autocms.php Cross-Site Scripting source: https://www.securityfocus.com/bid/42764/info Auto CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...
Auto CMS 1.6 - 'autocms.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42764/info Auto CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2006-0693
CALimba (Roberto Butti) 0.99.2 beta and earlier has SQL injection in rb_auth.php. The login and password parameters are not sanitized before being used in a SQL query, enabling remote attackers to bypass authentication and execute arbitrary SQL commands. Root cause: unsanitized user inputs in the...