Aggregator

A vulnerability was found in Microsoft Windows up to Vista and classified as problematic. Affected by this issue is some unknown functionality of the component Kernel Mode Driver. The manipulation leads to use after free. This vulnerability is handled as CVE-2015-1726. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

2025H&NCTF-Misc&取证&OSINT全解

A vulnerability classified as critical has been found in Jorani 0.6.5. This affects an unknown part of the component Error Handler. The manipulation of the argument enddate leads to sql injection. This vulnerability is uniquely identified as CVE-2018-15918. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Quadcomm Q-Shop 2.0/2.1/2.5/2.5 Beta and classified as problematic. Affected by this vulnerability is an unknown functionality of the file imagezoom.asp. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2004-2109. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Quadcomm Q-Shop. This affects an unknown part of the file recommend.asp. The manipulation leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2004-2109. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Microsoft Outlook Express up to 6 SP1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component BCC Multi-Part Message Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2004-2137. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Oracle HTTP Server 1.3.22. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2004-2115. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Symantec Norton Antivirus 2003. Affected by this issue is some unknown functionality. The manipulation leads to denial of service. This vulnerability is handled as CVE-2004-2147. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in MySQL 4.1.3/4.1.4 and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2004-2149. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Easy Software Products CUPS. This affects an unknown part of the file cupsd.conf. The manipulation leads to improper handling of case sensitivity. This vulnerability is uniquely identified as CVE-2004-2154. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

本网站使用cookies以记住您的偏好和优化您的访问体验。您可选择接受所有cookies或通过设置进行个性化管理。

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose […]

A vulnerability classified as very critical was found in Microsoft Windows 7/Server 2003/Server 2008/Vista/XP. This vulnerability affects unknown code of the component Remote Desktop Service. The manipulation leads to code injection. This vulnerability was named CVE-2012-0002. The attack can be initiated remotely. Furthermore, there is an exploit available. This vulnerability has a historic impact due to its background and reception. It is recommended to apply a patch to fix this issue.

一个看似无害的JSON响应，竟让轻松劫持会话弹窗等等！

A vulnerability classified as critical has been found in Oracle Healthcare Translational Research 3.1.0/3.2.1/3.3.1. This affects an unknown part of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2019-11358. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Hedgehog-CMS 1.21. It has been rated as problematic. Affected by this issue is some unknown functionality of the file includes/header.php. The manipulation of the argument c_temp_path leads to path traversal. This vulnerability is handled as CVE-2008-2898. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Claroline. Affected by this vulnerability is an unknown functionality of the file admin/advancedUserSearch.php. The manipulation of the argument action leads to cross site scripting. This vulnerability is known as CVE-2007-4717. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Теперь мир станет чуточку безопаснее?

A vulnerability was found in Claroline 1.8.5 and classified as problematic. This issue affects some unknown processing of the file admin/adminusers.php. The manipulation of the argument view leads to cross site scripting. The identification of this vulnerability is CVE-2007-4717. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

本文将详细介绍当前已被主流废弃但仍可在攻击场景中利用的URL Credentials技术，将其扩展用于各种常见漏洞的绕过