Oxwall Forum 1.8.1 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Oxwall Forum version 1.8.1 suffers from a persistent cross site scripting vulnerability.
Archive for February, 2016
WebSVN 2.3.3 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
WebSVN version 2.3.3 suffers from a cross site scripting vulnerability.
D-Link DVG-N5402SP Cross Site Scripting
Posted by deepcore under exploit (No Respond)
D-Link DVG-N5402SP suffers from multiple cross site scripting vulnerabilities.
Prezi Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Prezi suffers from a cross site scripting vulnerability.
InstantCoder 1.0 Local File Inclusion / Directory Traversal
Posted by deepcore under exploit (No Respond)
InstantCoder version 1.0 suffers from local file inclusion and directory traversal vulnerabilities.
Ubiquiti Networks airCRM Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Ubiquiti Networks airCRM suffers from a cross site scripting vulnerability.
OpenCms 9.5.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
OpenCms version 9.5.2 suffers from a cross site scripting vulnerability.
libquicktime 1.2.4 Integer Overflow
Posted by deepcore under exploit (No Respond)
libquicktime version 1.2.4 suffers from an integer overflow vulnerability.
Adobe Flash SimpleButton Creation Type Creation
Posted by deepcore under exploit (No Respond)
There is a type confusion vulnerability in the SimpleButton constructor. Flash stores an empty button to use to create buttons for optimization reasons. If this object is created using a SWF tag before it is created in the Button class, and it not of type Button, type confusion can occur.
Wireshark Dissect_ber_set Out-Of-Bounds Read
Posted by deepcore under exploit (No Respond)
A crash was observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark.