Social Share Buttons version 2.2.3 suffers from a remote SQL injection vulnerability.
edba387a26274cddcb2a94613095db446c2d09af44f88ad54797136ae0a59e31Whitepaper called Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps.
050dc6588d019c0fec02dfa4d049708c93c8ad0e15fb67374316108e1ab679a3WordPress Simple Social Buttons plugin version 3.1.1 suffers from a cross site scripting vulnerability.
dbd505bc758f478f0ad842a3ba12c5f7a8e477e361ba4948ebfd292dc8a8a222WordPress Share-Buttons plugin version 4.9.9 suffers from a remote shell upload vulnerability.
88cd1ba17d6c9a073ee0056576d4edae120e0d3fcc75e42e8840f9bfa0566ecdWordPress Ad Buttons plugin version 3.1 suffers from a database disclosure vulnerability.
282ce7504ba88402c484dd1d31a67c998d5ddef35093cfe9aa69203817a41198Easy Social Share Buttons for WordPress version 3.2.5 suffers from multiple cross site scripting vulnerabilities.
effdeb4ba420bf5d84d9ffd442e8582eb66e5fb009165f4955fae709de944263There is a type confusion vulnerability in the SimpleButton constructor. Flash stores an empty button to use to create buttons for optimization reasons. If this object is created using a SWF tag before it is created in the Button class, and it not of type Button, type confusion can occur.
7599e6513ebba54c924cb1897955fa83dea113a866068a2d1b4b039d4ac55dc5WordPress Social Essentials Social Stats and Sharing Buttons plugin version 1.3.1 suffers from a cross site scripting vulnerability.
460084134fd285e4afc77e4e3da832e98376bc786e52c0d4c361c08136dc5da4There is a use-after-free issue if the scale9Grid setting is called on an object with a member that then frees display item. This issue occurs for both MovieClips and Buttons, it needs to be fixed in both classes.
80b4a9baafb714f2dd9d49514a0fc66cae5b4722cb091640d14ef74e3e9fafccWordPress Ad Buttons plugin version 2.3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
38b043d0ddd6274052aa3b2235c087b0a5f86ffbd8a74ae736c9855251b13cd0WordPress MaxButtons plugin version 1.26.0 suffers from a cross site scripting vulnerability.
6c85df93e5f41cf643cf32021c2ed932c062bed98447ffc4fda3cdc81e2905afWordPress Simple Share Buttons Adder plugin version 4.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
9b7e8bd26dee08baac6ace569d5e3efc78505ee6d9b668bbb0577bd8be00f138This Metasploit module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme. At this point, the user is presented with Gatekeeper's prompt: "APP_NAME" is an application downloaded from the internet. Are you sure you want to open it? If the user clicks "Open", the app and its payload are executed. If the user has the "Only allow applications downloaded from Mac App Store and identified developers (on by default on OS 10.8+), the user will see an error dialog containing "can't be opened because it is from an unidentified developer." To work around this issue, you will need to manually build and sign an OSX app containing your payload with a custom URL handler called "openurl". You can put newlines and unicode in your APP_NAME, although you must be careful not to create a prompt that is too tall, or the user will not be able to click the buttons, and will have to either logout or kill the CoreServicesUIAgent process.
b7ff7cca509aa03399b9e3275e886062895930a5f35857244852f59bfb27aeafThe Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:", followed by a desired navigational target expression. This mechanism was intended to help with attaching navigational information to buttons within forms. In Struts 2 before 2.3.15.1 the information following "action:", "redirect:" or "redirectAction:" is not properly sanitized. Since said information will be evaluated as OGNL expression against the value stack, this introduces the possibility to inject server side code. This Metasploit module has been tested successfully on Struts 2.3.15 over Tomcat 7, with Windows 2003 SP2 and Ubuntu 10.04 operating systems.
c240d5878f508b714bf5ceed219b636cd035393594292bf01d990b95dae4b372WordPress 2 Click Social Media Buttons plugin version 0.32.2 suffers from a cross site scripting vulnerability.
6c7ccc1383af1cf29f09a39587e09fe7a5a977588d37b1c70f135d5e4d828a54Secunia Security Advisory - Two vulnerabilities have been discovered in the 2 Click Social Media Buttons plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
cc2786aadf2d725f2324bdbe3589bcc6022b20ae70f879f862a13031a1cc1c57The WordPress 2-Click-Socialmedia-Buttons plugin suffers from a cross site scripting vulnerability.
0bb0732ad689e55347e573e1989e0f03f7afb1b9d317d6027800702fc33c87b4Secunia Security Advisory - A vulnerability has been reported in the Share Buttons (AddToAny) module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
64af213c5cefe9bbc179049e505ec56a64b4a610329ac0f873976f8f1374bacbThe Drupal Share Buttons module version 6.x suffers from a cross site scripting vulnerability.
5929a532a032594c5e8d08c25f27d18537dd86ccf4232cb0eec503cca25d9477Super Simple Blog Script version 2.5.4 suffers from a remote SQL injection vulnerability.
2eaf78f0259db4226e81b5847645bc8773165a6abee749b4d5675396c8055510Super Simple Blog Script version 2.5.4 suffers from a local file inclusion vulnerability.
366768ae70b606de0d7bb00223af59b1fc919d438c466bf9f3b0ee254fcbc30dPaypal suffers from a price manipulation flaw via buttons.
211444247900f329944ae021c4d844567452d60e0caf32e802160f31bad4fd83Shatter attack exploit against CommCtrl 6.0 Buttons. This write up and exploit demonstrates that any privileged application, which makes use of the Microsoft XP visual styles and creates a window on the interactive desktop, can be used by an attacker to gain elevated privileges.
2ada871c4f61bc2e3dbd23e602fbfcd731e15e34995ee4d6d33837e5bdfc0eebDefcon 10 Presentation: buttons in GIF format
2448bd2e3b0e432df00b1d0d6cff5b3674e232d7a1e5157663deb195fe8fc9c4Hackn' for Newbies is an all in one package for someone who has never used trojans, but would like to start. It contains the deepthroat 2.0 and netbus 1.7 trojan interface along with various scanners,an exe patcher,pasword crackers,user configurable buttons and more.
4d319829f6057b4db38c5efd2053e7bb72e3ae15be3cee9813ab03c20789de8bNetBusPro v2.0 (final release) - Screenshot. The infamous trojan for Windows 95/98/NT includes the following features now: Host list integration with network neighbourhood, Server setup and administration (close server, restrict IP access, TCP-port, password, visibilty, access mode, autostart), General system information and cached passwords, Message manager, Window manager (full control over all windows), Registry manager (list keys, fields and values, create keys and delete keys, change values among others), Sound system (raise and lower volumes), Plugin manager (run plugins that extend the capabilities of NetBus), Port redirect (simple proxy support), Application redirect (e.g. allows you to interact with MS-DOS prompts remotely, which gives you powerful access to the computer), File actions (execute executable files, show image files, play audio files, open document files and print document files), Spy functions (includes listen keyboard, get screen capture, record audio from microphone and get webcamera image, File manager (explorer, upload and download files, delete files and folders, create folders and share folders, Exit Windows (reboot system, shutdown system or power down system), Cool functions (Client chat, open and close CD-ROM, disable keys, key click, swap mouse buttons, Goto URL, Send text), NetBus scanner, fast port scanner, Host scheduler, predefine time to run scripts at hosts, Command broadcaster, broadcasts commands to multiple hosts, Multi-language support, extendable to more languages than just english, Skin support (transparent backgrounds), InstallWizard and Online help manual. Archive password is set to p4ssw0rd. Use at your own risk.
4d44cdaf021fed2766f87d7af9fa9cda6b302c8a2b918d05b3bd8e4f61cd7f0a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
