
1092 matches found

F5 Networks
added 2015/08/28 12:0 a.m., 51 views

SOL17189 - Apache HTTP server vulnerability CVE-2008-0456

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action: If the previous table lists a version in the Versions known to be not vulnerable column, you can...

2.6 CVSS, 0.5 AI score, 0.19036 EPSS
Exploits 1, References 4

Openbugbounty
added 2015/08/27 5:36 p.m., 12 views

mlb.mlb.com XSS vulnerability

Vulnerable URL: http://mlb.mlb.com/mlb/subscriptions/index.jsp?cid=qwe/a=0;alertString.fromCharCode88,83,83,80,79,83,69,68//=mlbMENU Details: Patched: Yes, at 22.09.2015; Latest check for patch: 22.09.2015 01:29 GMT; Vulnerability type: XSS; Vulnerability status:...

6.3 AI score
Exploits 0

Fedora
added 2014/11/07 2:36 a.m., 57 views

[SECURITY] Fedora 20 Update: subscription-manager-1.13.6-1.fc20

The Subscription Manager package provides programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform...

4.3 CVSS, 2.5 AI score, 0.99999 EPSS
Exploits 6

RedHat Linux
added 2014/07/02 12:0 a.m., 23 views

(RHSA-2014:0831) Low: Red Hat Developer Toolset Version 1 Retirement Notice

In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent...

0.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 75 views

PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability

No description provided by source. ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion...

7.1 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

vBulletin Advanced User Tagging Mod - Stored XSS Vulnerability

No description provided by source. Exploit Title: Advanced User Tagging vBulletin - Stored XSS Vulnerability Google Dork: intext:usertagpro Date: 10.07.2013 Exploit Author: 0iZy5 Vendor Homepage: www.backtrack-linux.ro Software Link:...

7.1 AI score
Exploits 0

securityvulns
added 2014/06/13 12:0 a.m., 53 views

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions

Asterisk Project Security Advisory - AST-2014-008. Product: Asterisk; Summary: Denial of Service in PJSIP Channel Driver Subscriptions; Nature of Advisory: Denial of Service; Susceptibility: Remote authenticated sessions; Severity: Moderate; Exploits Known: No; Reported On: 28 May, 2014; Reported By: Mark...

4.3 CVSS, 6.4 AI score, 0.02769 EPSS
Exploits 0

NVD
added 2013/09/05 11:44 a.m., 15 views

CVE-2013-1648

The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...

3.5 CVSS, 6.2 AI score, 0.01382 EPSS
Exploits 5, References 1

Prion
added 2013/09/05 11:44 a.m., 15 views

Design/Logic Flaw

The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...

3.5 CVSS, 6.7 AI score, 0.01382 EPSS
Exploits 5, References 1, Affected Software 1

Cvelist
added 2013/09/05 10:0 a.m., 24 views

CVE-2013-1648

The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...

6.2 AI score, 0.01382 EPSS
Exploits 5, References 1

CVE
added 2013/09/05 10:0 a.m., 60 views

CVE-2013-1648

CVE-2013-1648 concerns Open-Xchange Server 6 where the Subscriptions feature accepts an arbitrary URL in the Source field, enabling server-side request forging (SSRF) and potentially triggering outbound requests to FTP, Gopher, HTTP to 127.0.0.1, etc. Concrete details across sources show affected...

3.5 CVSS, 6.3 AI score, 0.01382 EPSS
Exploits 5, References 1, Affected Software 1

Packet Storm
added 2013/07/10 12:0 a.m., 23 views

vBulletin Advanced User Tagging Cross Site Scripting

Exploit Title: Advanced User Tagging vBulletin - Stored XSS Vulnerability Google Dork: intext:usertagpro Date: 10.07.2013 Exploit Author: 0iZy5 Vendor Homepage: www.backtrack-linux.ro Software Link: http://www.dragonbyte-tech.com/vbecommerce.php?productid=20&do=product Version: vBulletin 3.8.x,...

7.4 AI score
Exploits 0

Exploit DB
added 2013/07/10 12:0 a.m., 20 views

vBulletin Advanced User Tagging Mod - Persistent Cross-Site Scripting

Exploit Title: Advanced User Tagging vBulletin - Stored XSS Vulnerability Google Dork: intext:usertagpro Date: 10.07.2013 Exploit Author: 0iZy5 Vendor Homepage: www.backtrack-linux.ro Software Link: http://www.dragonbyte-tech.com/vbecommerce.php?productid=20&do=product Version: vBulletin 3.8.x,...

7.4 AI score
Exploits 0

0day.today
added 2013/07/10 12:0 a.m., 22 views

vBulletin Advanced User Tagging Mod - Stored XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Advanced User Tagging vBulletin - Stored XSS Vulnerability Google Dork: intext:usertagpro Date: 10.07.2013 Exploit Author: 0iZy5 Vendor Homepage: www.backtrack-linux.ro Software Link:...

7.1 AI score
Exploits 0

Check Point Advisories
added 2013/06/02 12:0 a.m., 0 views

OPC UA Delete Subscriptions Response Command

...

7 AI score
Exploits 0

Check Point Advisories
added 2013/05/06 12:0 a.m., 0 views

OPC UA Transfer Subscriptions Response Command

...

7 AI score
Exploits 0

Check Point Advisories
added 2013/05/06 12:0 a.m., 0 views

OPC UA Transfer Subscriptions Request Command

...

7 AI score
Exploits 0

Check Point Advisories
added 2013/05/06 12:0 a.m., 4 views

OPC UA Delete Subscriptions Request Command

...

1.6 AI score
Exploits 0

Prion
added 2013/03/25 9:55 p.m., 16 views

Code injection

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role...

4 CVSS, 6.2 AI score, 0.01118 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2013/03/25 9:0 p.m., 27 views

CVE-2013-1829

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role...

5.7 AI score, 0.01118 EPSS
Exploits 0, References 3