SUSE CVE-2011-3004

The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping...

WebKit memory corruption vulnerability in multiple Apple products (CNVD-2017-04673)

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; and tvOS is an operating system for smart TVs. webKit is an open source web...

Social Book Facebook Clone Script Cross Site Scripting

Exploit Title: Social Book Facebook Clone Script Reflected XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE XSS can be done using the command input Vulnerable Page: signup.php lostpass.php login.php...

Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation

source: https://www.securityfocus.com/bid/12646/info Microsoft Log Sink Class ActiveX control can allow remote attackers to create arbitrary files on an affected computer. A remote attacker can exploit this issue by crafting a malicious Web site that triggers this vulnerability and enticing a use...