exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

MyBB Visual Editor 1.8.18 Cross Site Scripting
Posted Sep 22, 2018
Authored by Numan OZDEMIR

MyBB Visual Editor versions 1.8.18 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-17128
SHA-256 | 9135e598bbd2a86b784c9a282b8fa7393bcf7cdd4921fee77ebf9059e9713571

Related Files

Red Hat Security Advisory 2012-0084-01
Posted Feb 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3670, CVE-2012-0442
SHA-256 | 39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391
SOOP Portal Raven 1.0 Shell Upload
Posted Jan 21, 2012
Authored by HELLBOY

SOOP Portal Raven version 1.0 suffers from a fckeditor shell upload vulnerability.

tags | exploit, shell
SHA-256 | 0f8273872316d694baa3f500986ae9071919c3115aa8db27659d4bf52a44aaad
SMF Portal 1.1.16 Shell Upload
Posted Jan 21, 2012
Authored by HELLBOY

SMF Portal version 1.1.16 fckeditor suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 04babd577f16ab3b3226783c0614188c3210538cd0494f5a7fa636ca41c2f6f2
Drupal CKEditor 3.6.2 Cross Site Scripting
Posted Jan 18, 2012
Authored by MaXe

Drupal CKEditor versions 3.0 through 3.6.2 suffer from a persistent cross site scripting vulnerability that can be triggered by the addition of an event handler.

tags | exploit, xss
SHA-256 | 93acfce42fd57f2a4a004f9adac2686bf97ded904556c3a836bf23f10d5f3868
Powered By iEditor SQL Injection
Posted Dec 10, 2011
Authored by tempe_mendoan

Powered By iEditor suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ca9d47092aad640aebca8c352c444222a1a63e08871e8d283618db7e397f4d48
Meditate Web Content Editor 1.2 SQL Injection
Posted Dec 6, 2011
Authored by Stefan Schurtz

Meditate Web Content Editor version 1.2 suffers form a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 0136f211c726e49b7cf23fcd31dbf5f6dd1bd0fa254d16fe516ad7c267dc552e
Secunia Security Advisory 46772
Posted Nov 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the CKEditor module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 6cad4a8f5f260ac0be5ed62dae21a76767b94a4c2ea8f65e3f98b82fc4f8ffab
Red Hat Security Advisory 2011-1440-01
Posted Nov 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1440-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A cross-site scripting flaw was found in the way SeaMonkey handled certain multibyte character sets. A web page containing malicious content could cause SeaMonkey to run JavaScript code with the permissions of a different website. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, javascript, xss
systems | linux, redhat
advisories | CVE-2011-3648
SHA-256 | be943c91e86570f5afdd3ff9f206a5e3daeeed4880fe0df663aa87a0cc2bf88c
Red Hat Security Advisory 2011-1344-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1344-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way SeaMonkey handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, arbitrary, local, javascript
systems | linux, redhat
advisories | CVE-2011-2998, CVE-2011-2999
SHA-256 | 9da687a381ca20d046b5c50589b968fee6f0f6760fa5b50b72ae19d0c9de5863
Red Hat Security Advisory 2011-1266-01.xt
Posted Sep 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1266-01.xt - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. The RHSA-2011:1244 SeaMonkey update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | 65b993d94bc041a184d5a50dd74cec68450ace5a9cfd84a960c475ca090bd969
Red Hat Security Advisory 2011-1244-01
Posted Sep 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1244-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in SeaMonkey; however, affected certificates issued after this date cannot be re-enabled or used. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | 7df61e89a4c25927a5226cf3ad45c80b05824cabd528719ed04b620fdc009f76
Red Hat Security Advisory 2011-1167-01
Posted Aug 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1167-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. A flaw was found in the way SeaMonkey handled malformed JavaScript. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2011-2982, CVE-2011-2983
SHA-256 | 2870e5c70954b126aed022e80d7fb0433ac5d1859390db856c4a5ae980865df9
FCKeditor Shell Upload
Posted Aug 9, 2011
Authored by Pentesters.ir

FCKeditor suffers from a shell upload vulnerability when a specially crafted htaccess file is used.

tags | exploit, shell
SHA-256 | 60b559598a142ac90f8fe9b4580b8539da0a3a6e96dae822375dde6f14746ad2
SGL.cms 0.6.0 FCKeditor Shell Upload
Posted Jul 6, 2011
Authored by KedAns-Dz

SGL.cms version 0.6.0 suffers from a FCKeditor shell upload vulnerability.

tags | exploit, shell
SHA-256 | b4dd4c275a11fbacbea272a72db6884e2c2ee133983734475d3710c50c8aa79c
Mahyanet CMS Shell Upload
Posted Jul 4, 2011
Authored by Ashiyane Digital Security Team

Mahyanet CMS suffers from a FCKeditor shell upload vulnerability.

tags | exploit, shell
SHA-256 | 02924554582fdb34ccdc193f3f6c20852b0d23193afa74d9b30b069776b9ee2a
CmsFromScratch 1.9.2 Shell Upload
Posted Jun 27, 2011
Authored by KedAns-Dz

CmsFromScratch version 1.9.2 (FCKeditor) shell upload exploit.

tags | exploit, shell
SHA-256 | 6cf179ca4719819da260428c7989f2d9c436082592bca1b749b5997ae650b6a3
Red Hat Security Advisory 2011-0888-01
Posted Jun 22, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0888-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled malformed JPEG images. A website containing a malicious JPEG image could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. Multiple dangling pointer flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. Various other issues were also addressed.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-0083, CVE-2011-0085, CVE-2011-2362, CVE-2011-2363, CVE-2011-2364, CVE-2011-2365, CVE-2011-2371, CVE-2011-2373, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376, CVE-2011-2377
SHA-256 | cf245aeab870061e8a04bb658d1aeb2eb9c68ca491892c4694343a4d3a10f713
Secunia Security Advisory 44912
Posted Jun 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Editor, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 06c6b385010a8992521088a0d65318b74e4defa90bac3a6cb98d8ad6369567a8
Secunia Security Advisory 44912
Posted Jun 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Editor, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 06c6b385010a8992521088a0d65318b74e4defa90bac3a6cb98d8ad6369567a8
Secunia Security Advisory 44902
Posted Jun 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Solutionary Engineering Research Team has discovered a vulnerability in PDFill PDF Editor, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | c56a188000030130c8a839a28e0dafb3f1e3ed107bfe77cd246967ef8c83b4b8
PDFill PDF Editor 8.0 Insecure Library Loading
Posted Jun 9, 2011
Authored by Rob Kraus | Site solutionary.com

PDFill PDF Editor version 8.0 suffers from an insecure library loading vulnerability.

tags | advisory
SHA-256 | 86766208a90ef69191d151095e97ebd1cdcdf37a7ef654d94d09c148515f3dec
Secunia Security Advisory 43563
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in ACDSee Photo Editor 2008, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f8871c2c5bcf1fc9c115aa6090a169da061439385a2dc00e270e47fd86cb81ef
Debian Security Advisory 2253-1
Posted Jun 4, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2253-1 - Ulrik Persson reported a stack-based buffer overflow flaw in FontForge, a font editor. When processed a crafted Bitmap Distribution Format (BDF) FontForge could crash or execute arbitrary code with the privileges of the user running FontForge.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2010-4259
SHA-256 | a78a7887ca3ae781ff5d52f652ab27f07aefeae94529ddb7e87bcaf7fe2420d1
WysGui <= 2.3 (FCKeditor) File Upload Code Execution
Posted May 30, 2011
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.

tags | exploit
SHA-256 | b79669815ce9dff5b0766e6ccba3931a6b21c34e7949eaf09004b7f32698c32f
Bitweaver 2.x (FCKeditor) File Upload Code Execution
Posted May 30, 2011
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.

tags | exploit
SHA-256 | 95ab789932419023a2b9612004b6abf2c74e2907a3d992a52eb027409b4fa0c2
Page 2 of 4
Back1234Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close