3199 matches found
CVE-2014-0808
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the affected shopping website may obtain other users' information by sending a crafted HTTP request...
CVE-2014-0808
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the affected shopping website may obtain other users' information by sending a crafted HTTP request...
CVE-2014-0808
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the affected shopping website may obtain other users' information by sending a crafted HTTP request...
ABB MicroSCADA Wserver Multiple Buffer Overflows
Multiple Buffer Overflow vulnerabilities have been reported in the Wserver component of ABB MicroSCADA. The vulnerabilities are due to the copying of user controlled data to stack-based buffers without size verification. A remote attacker can exploit this issue by sending a specially crafted...
XSS Vulnerability in simple_format helper
There is a vulnerability in the simpleformat helper in Ruby on Rails. The simpleformat helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped...
Microsoft Tagged Image File Format (TIFF) Integer Overflow
This Metasploit module exploits a vulnerability found in Microsoft's Tagged Image File Format. It was originally discovered in the wild, targeting Windows XP and Windows Server 2003 users running Microsoft Office, specifically in the Middle East and South Asia region. The flaw is due to a DWORD...
Microsoft Tagged Image File Format (TIFF) Integer Overflow
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' require 'nokogiri' module ::Nokogiri module XML class Builder Some XML documents don't declare the namespace before referencing, but...
[ MDVSA-2013:272 ] poppler
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:272 http://www.mandriva.com/en/support/security/ Package : poppler Date : November 21, 2013 Affected: Business Server 1.0 Problem Description: Updated poppler packages fix security vulnerabilities: Poppler i...
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
This module exploits a vulnerability found in Microsoft's Tagged Image File Format. It was originally discovered in the wild, targeting Windows XP and Windows Server 2003 users running Microsoft Office, specifically in the Middle East and South Asia region. The flaw is due to a DWORD value...
Apache OpenJPA code execution
User-controlled data it stored in local executable file...
Jumping Out of IE's Sandbox With One Click
Software vendors often give intentionally vague and boring names to the updates they use to fix security vulnerabilities. The lamer the name, the less attention it may attract from attackers looking to reverse-engineer the patch. There was one patch in Microsoft’s August Patch Tuesday release...
Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ Local ring0
ifndef WIN32NOSTATUS define WIN32NOSTATUS endif include include include include include ifdef WIN32NOSTATUS undef WIN32NOSTATUS endif include pragma commentlib, "gdi32" pragma commentlib, "kernel32" pragma commentlib, "user32" pragma commentlib, "shell32" pragma commentlinker, "/SECTION:.text,ERW...
Path traversal in HtmlExporter.java and FileXmlExporter.java
Both HtmlExporter.java and FileXmlExporter.java use the prepareExportFileName method inherited from AbstractExporterImpl.java|https://stash.atlassian.com/projects/CONF/repos/confluence/browse/confluence-core/confluence/src/java/com/atlassian/confluence/importexport/impl/AbstractExporterImpl.java9...
Path traversal in HtmlExporter.java and FileXmlExporter.java
Both HtmlExporter.java and FileXmlExporter.java use the prepareExportFileName method inherited from AbstractExporterImpl.java|https://stash.atlassian.com/projects/CONF/repos/confluence/browse/confluence-core/confluence/src/java/com/atlassian/confluence/importexport/impl/AbstractExporterImpl.java9...
Corel WordPerfect uninitialized pointer dereference
User-controlled pointer dereferences on WPD parsing...
DSA-2633-1 fusionforge - privilege escalation
Bulletin has no description...
ZoneMinder Video Server - packageControl Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ZoneMinder Video...
SugarCRM unserialize() PHP Code Execution
This module exploits a php unserialize vulnerability in SugarCRM 'SugarCRM unserialize PHP Code Execution', 'Description' = %q This module exploits a php unserialize vulnerability in SugarCRM = 6.3.1 which could be abused to allow authenticated SugarCRM users to execute arbitrary code with the...
KeyHelp ActiveX LaunchTriPane Remote Code Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
ZEN Load Balancer Filelog Command Execution
Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...