5 matches found
EUVD-2018-17777
Malware in sbrugna...
CVE-2018-6014
Subsonic v6.1.3 has an insecure allow-access-from domain="" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. To exploit this issue, an attacker must convince the user to visit a web site loaded with a SWF file created specifically to ste...
Cross site scripting
Subsonic v6.1.3 has an insecure allow-access-from domain="" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. To exploit this issue, an attacker must convince the user to visit a web site loaded with a SWF file created specifically to ste...
CVE-2018-6014
Subsonic v6.1.3 has an insecure allow-access-from domain="" Flash cross-domain policy that allows an attacker to retrieve sensitive user information via a read request. To exploit this issue, an attacker must convince the user to visit a web site loaded with a SWF file created specifically to ste...
Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability
Document Title: =============== Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2115 Video: https://www.youtube.com/watch?v=t3nYuhAHOMg http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6014...