EUVD-2010-3656

Malware in sbrugna...

The vulnerability of the tarHandler component in the Grub2 operating system’s downloader allows a hacker to bypass the secure download mechanism.

The vulnerability of the tarHandler component in the Grub2 operating system’s loader involves writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to bypass the secure loading mechanism...

The vulnerability of the U-Boot network media player Chromecast’s downloader allows a hacker to bypass the secure download mechanism.

The vulnerability of the U-Boot network media player Chromecast relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to bypass the secure download mechanism...

CVE-2024-38519

CVE-2024-38519 affects yt-dlp and youtube-dl: prior to fixes, the tools do not limit downloaded file extensions, enabling potential creation of arbitrary filenames and path traversal on Windows, with risk of arbitrary code execution due to config/files being read from the working directory. The i...

CVE-2010-3668

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl...

CVE-2010-3668

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl...

CVE-2010-3668

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl...

CVE-2010-3668

TYPO3 core vulnerability CVE-2010-3668: header injection in the secure download feature (jumpurl) affects TYPO3 releases 4.0?–4.1.x up to 4.1.14, 4.2.x up to 4.2.13, 4.3.x up to 4.3.4 and 4.4.x up to 4.4.1. Root cause: improper handling of user input in jumpurl leads to header injection. Impact: ...

Secure Download Links SQL Injection

Exploit Title: Secure Download Links - SQL Injection Google Dork: N/A Date: 19.03.2017 Vendor Homepage: http://sixthlife.net/ Software: http://sixthlife.net/product/secure-download-links/ Demo: http://www.satyamtechnologies.net/secdown/example.php Version: N/A Tested on: Win7 x64, Kali Linux x64...

Secure Download Links - dc Parameter SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Secure Download Links - SQL Injection Google Dork: N/A Date: 19.03.2017 Vendor Homepage: http://sixthlife.net/ Software: http://sixthlife.net/product/secure-download-links/ Demo:...

Secure Download Links - 'dc' SQL Injection

Exploit Title: Secure Download Links - SQL Injection Google Dork: N/A Date: 19.03.2017 Vendor Homepage: http://sixthlife.net/ Software: http://sixthlife.net/product/secure-download-links/ Demo: http://www.satyamtechnologies.net/secdown/example.php Version: N/A Tested on: Win7 x64, Kali Linux x64...

Unspecified Cross-Site Scripting Vulnerability in TYPO3 Secure Download Form Extension

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. An unspecified cross-site scripting vulnerability exists in TYPO3 Secure Download Form Extension. An attacker can exploit this vulnerability to execute arbitrary script code in an unsuspecting...

Fedora 19 : python-virtualenv-1.9.1-1.fc19 (2013-8166)

Fixes two security issues with the bundled copy of pip : - Insecure tempdir usage CVE-2013-1888 - Uses http:// to download packages instead of https:// See changelog at: http://pypi.python.org/pypi/virtualenvid2 Multiple bugfixes. See http://pypi.python.org/pypi/virtualenv/1.7.1.2 for...

securedownload-xsscm.txt

--------------------------------------------------------- Portal Name: Secure Download Version : Alpha 0.2.1 Vendor : http://relative.nl/projects.php?subMnuItem=2 Author : PouyaServer , [email protected] Vulnerability : XSS,CM --------------------------------------------------------- XSS:...