8 matches found
CVE-2026-4217
A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...
XREAL Nebula App 安全漏洞
The XREAL Nebula App is an application designed for XREAL’s augmented reality devices. Versions of the XREAL Nebula App 3.2.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper handling of parameters such as accessKey, secretAccessKey, and securityToken in...
Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping
A serious security vulnerability in Microsoft Exchange Server that researchers have dubbed ProxyToken could allow an unauthenticated attacker to access and steal emails from a target’s mailbox. Microsoft Exchange uses two websites; one, the front end, is what users connect to in order to access...
vBulletin 5.1.x - Persistent Cross-Site Scripting
Title: vBulletin 5.1.X - Cross Site Scripting Date: 05.09.14 Version: = 5.1.2 Latest ATM Vendor: vbulletin.com Contact: smash at devilteam.pl 1 Agenda Latest vBulletin forum software suffers on persistent cross site scripting vulnerability, which most likely can be used against every user, such a...
vBulletin 5.1.x - Persistent Cross-Site Scripting
vBulletin 5.1.x - Persistent Cross-Site Scripting Title: vBulletin 5.1.X - Cross Site Scripting Date: 05.09.14 Version: = 5.1.2 Latest ATM Vendor: vbulletin.com Contact: smash at devilteam.pl 1 Agenda Latest vBulletin forum software suffers on persistent cross site scripting vulnerability, which...
vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection
vBulletin 4.0.x = 4.1.2 AUTOMATIC SQL Injection exploit Author: D35m0nd142, Google Dork: inurl:search.php?searchtype=1 Date: 02/09/2014 Vendor Homepage: http://www.vbulletin.com/ Tested on: vBulletin 4.1.2 Usage: perl exploit.pl Tutorial video: https://www.youtube.com/watch?v=jec3nkoYFc...
EggAvatar for vBulletin 3.8.x - SQL Injection
!/usr/bin/env perl use LWP::UserAgent; sub banner print "\n"; print " DSecurity \n"; print "\n"; print " Email:dsecurity.vnatgmail.com \n"; print "\n"; if@ARGVnew; $ua-agent"DSecurity"; $ua-cookiejar; sub login@ my $username=shift; my $password=shift; my $req = HTTP::Request-newPOST =...
vBulletin 3.7.3 Visitor Message XSS/XSRF + worm Exploit
No description provided by source. / ----------------------------- Author = Mx Title = vBulletin 3.7.3 Visitor Messages XSS/XSRF + worm Software = vBulletin Addon = Visitor Messages Version = 3.7.3 Attack = XSS/XSRF - Description = A critical vulnerability exists in the new vBulletin 3.7.3 softwa...