377 matches found
UBUNTU-CVE-2016-10134
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php...
CVE-2016-5174
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site...
Design/Logic Flaw
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site...
Notification Toggle - Dangerous filesystem permissions, Runtime privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Notification Toggle published at the 'play' market has multiple vulnerabilities...
Opera 12 and Opera Mail security update
Opera 12 and Opera Mail security update. February 16th, 2016. We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors...
CVE-2015-3350
Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors...
Kernel: fs: ext4 race condition
A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin before 2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks via the toggled parameter in a toggle action in the pods-componen...
DEBIAN-CVE-2012-4732
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket bookmarks...
Pixie 1.0.4 Cross Site Request Forgery / Cross Site Scripting
Vulnerability ID: HTB22469 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: Stored XSS Cross...
XSRF (CSRF) in Pixie
Vulnerability ID: HTB22470 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...
Stored XSS vulnerability in Pixie
Vulnerability ID: HTB22469 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: Stored XSS Cross...
XSS vulnerability in Pixie
Vulnerability ID: HTB22468 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site Scripting...
XSRF (CSRF) in Pixie
Vulnerability ID: HTB22471 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinpixie1.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...
CVE-2007-6724
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration...
CVE-2007-6723
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration...