CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

ubiquity-reports.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1177410 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Number of Devices Sharing Private Crypto Keys Up Sharply

Researchers at SEC Consult say the number of internet gateways, routers, modems and other embedded devices sharing cryptographic keys and certificates is up 40 percent since the Austrian consulting firm first looked at the problem in November. The report, posted Tuesday called “House of Keys,”...

Ubiquity Nanostation5 (Air OS) 0day Remote Command Execution

No description provided by source. Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Descrition With not privileged account, like read-only, an...

airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection

No description provided by source. Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version: 1.1.1...

airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: airVisionNVR readfile disclosure and sql injection Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version:...

airVisionNVR 1.1.13 - readfile() Disclosure SQL Injection

airVisionNVR 1.1.13 - readfile Disclosure SQL Injection Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link:...

airVisionNVR 1.1.13 - 'readfile()' Disclosure / SQL Injection

Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version: 1.1.13 Tested on: WinXP SP3 CVE: Possibl...

airVisionNVR 1.1.13 Disclosure / SQL Injection

Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version: 1.1.13 Tested on: WinXP SP3 CVE: Possibl...

CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

Code injection

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

CVE-2012-0956

CVE-2012-0956 affects ubiquity-slideshow-ubuntu prior to 58.2; during installation, a crafted attribute in the Twitter feed could allow remote MITM attackers to inject arbitrary web script/HTML and read files. The issue is mitigated by disabling the Twitter feed (Ubuntu USN-1561-1) and upgrading ...

CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

Ubuntu Update for ubiquity-slideshow-ubuntu USN-1561-1

Ubuntu Update for Linux kernel vulnerabilities USN-1561-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15611.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ubiquity-slideshow-ubuntu USN-1561-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...

Ubuntu 12.04 LTS : ubiquity-slideshow-ubuntu vulnerability (USN-1561-1)

Paul Mutton discovered that ubiquity-slideshow-ubuntu incorrectly handled the Twitter feed displayed during system installation. A remote attacker could use this flaw to inject code into the Twitter feed and read arbitrary files off the filesystem during system installation. This flaw has been...

USN-1561-1: ubiquity-slideshow-ubuntu vulnerability

Paul Mutton discovered that ubiquity-slideshow-ubuntu incorrectly handled the Twitter feed displayed during system installation. A remote attacker could use this flaw to inject code into the Twitter feed and read arbitrary files off the filesystem during system installation. This flaw has been...

CVE-2012-0956

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed...

Ubiquity Nanostation5 (Air OS) 0day Remote Command Execution

Exploit for hardware platform in category web applications ============================================================ Ubiquity Nanostation5 Air OS 0day Remote Command Execution ============================================================ Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote...

Ubiquity Nanostation5 (Air OS) - Remote Command Execution

Ubiquity Nanostation5 Air OS - Remote Command Execution Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Descrition With not privileged account, li...

Tough Road Ahead for Adobe on Security

Microsoft and its endless portfolio of products have been the favorite targets of attackers for more than a decade now. But if the events of the past year or so are any indication, it looks like that dubious distiniction now belongs to Adobe. The last 12 months have been rough for Adobe, the make...