134 matches found
NRSS Reader 0.3.9 - Local Stack Overflow
NRSS Reader 0.3.9 - Local Stack Overflow Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: NRSS RSS Reader Version: 0.3.9-1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program...
Palabre Feedly RSS Reader News - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Palabre Feedly RSS Reader News published at the 'play' market has multiple vulnerabilities...
RSS Reader - Dynamic Code Loading, Exported ContentProvider, Exported components vulnerabilities
HackApp vulnerability scanner discovered that application RSS Reader published at the 'play' market has multiple vulnerabilities...
Cybozu Garoon RSS Reader Component Code Injection Vulnerability
Cybozu Garoon is a portal OA office system from Cybozu Japan, and RSS Reader is one of the RSS reader components. A security vulnerability exists in the Cybozu Garoon RSS Reader component. The vulnerability can be exploited by remote attackers to execute arbitrary PHP code...
CVE-2015-5647
The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866...
Code injection
The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866...
CVE-2015-5647
The CVE-2015-5647 entry concerns Cybozu Garoon’s RSS Reader component, which (in Cybozu Garoon 3.x up to 3.7.5 and 4.x up to 4.0.3) is vulnerable to remote authenticated PHP code execution via unspecified vectors (CyVDB-866). The connected records confirm this is a code-injection vulnerability af...
CVE-2015-5647
The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866...
Multiple PHP code execution vulnerabilitles in Cybozu Garoon
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains multiple PHP code execution vulnerabilities. CyVDB-863 Cybozu Garoon allows remote authenticated users to execute arbitrary PHP code, CyVDB-867 Cybozu Garoon allows remote authenticated users to execute arbitrary PHP code CVE-2015-5646...
Feedly and Evernote Hit by DDoS Attacks, Extortion Demands
Yesterday, the most popular RSS reader Feedly was down as a result of a large scale distributed-denial-of service DDoS attack carried by the cybercriminals to extort money. On Wednesday, the Feedly was temporarily unavailable for its users. Feedly posted details of the attack at 5:00 AM ET on its...
PHP RSS Reader 2010 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP RSS READER 2010 SQLI Google Dork: Copyright 2010 - Powered By - PHP RSS Reader Date: 28/10/2013 Exploit Author: rDNix Vendor Homepage: http://www.phprssreader.com/ Version: 2010 Exploit :-...
PHP RSS Reader 2010 - SQL Injection
PHP RSS Reader 2010 - SQL Injection Exploit Title: PHP RSS READER 2010 SQLI Google Dork: Copyright 2010 - Powered By - PHP RSS Reader Date: 28/10/2013 Exploit Author: rDNix Vendor Homepage: http://www.phprssreader.com/ Version: 2010 Exploit :-...
PHP RSS Reader 2010 - SQL Injection
Exploit Title: PHP RSS READER 2010 SQLI Google Dork: Copyright 2010 - Powered By - PHP RSS Reader Date: 28/10/2013 Exploit Author: rDNix Vendor Homepage: http://www.phprssreader.com/ Version: 2010 Exploit :-...
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
Cross site scripting
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
CVE-2012-6453
CVE-2012-6453 affects the RSS Reader extension for MediaWiki prior to version 0.2.6. The vulnerability arises from improper escaping in feed content, allowing remote attackers to inject arbitrary JavaScript/HTML into MediaWiki pages via a crafted feed. Several connected sources (Debian/DSA-2596-1...
CVE-2012-6453
Cross-site scripting XSS vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
JVN#65869891: glucose 2 vulnerable to arbitrary script execution
glucose 2 is an RSS reader. glucose 2 is vulnerable to arbitrary script execution which is inserted in RSS feed, due to the improper processing of RSS feed output. Impact An arbitrary script may be executed on the vulnerable system. Solution Update the software Update to the latest version...
Iwate Portal Bar vulnerable to arbitrary script execution
Overview Iwate Portal Bar is vulnerable to arbitrary script execution. Iwate Portal Bar is an add-on to Internet Explorer that adds a toolbar and provides multiple functions. The RSS/Atom feed reader function in Iwate Portal Bar is vulnerable to arbitrary script execution due to the improper...