Email address | private |
---|---|
Website | websecurity.com.ua |
First Active | 2007-07-07 |
Last Active | 2019-07-08 |
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
e30d379c9559e2b2ec39a485dbeea2d5d1c36017af9db0846f9bfa3021a52725
WordPress versions 3.5.1 and below suffer from multiple cross site scripting vulnerabilities.
399aaad0a5a0c95b905a8449580b6486f0eff6989d9a49975f44518cc7308ae9
TinyMCE versions 3.4b2 through 4.0b3 and WordPress versions up to 3.5.1 suffer from content spoofing issues with Moxieplayer. .
598b87e6a2a44fe517b2304a10e934f9b7d17b3ffadc7e40f05eb037bfca680d
The Slash theme for WordPress suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities.
a99cba04e795f7b79896872c6d6ff57f05ad21de70d7e533d95a3ebf48628267
aCMS version 1.0 suffers from authentication bypass and remote shell upload vulnerabilities.
875ffc473c15baa5846810a8e8bb150911ceee8efcf610bea5bbed80667ad678
AntiVirus for WordPress version 1.0 suffers from security bypass and path disclosure vulnerabilities.
0271b9f61209e7bc28bc04692baa01327ddec0b5dac9ef1d98f84af5b58aa72f
aCMS versions 1.0 and below suffer from cross site scripting, content spoofing, and information leakage vulnerabilities.
ae8043acb7b2da9c98837d31f51c47bde25e8182d74dffb82eb080368936bda9
Moxiecode Image Manager (MCImageManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.
fd409e0d8cd4de78eff2f6ed557b4a1f24ec4438e3f2e3e0eb5a1b05640107ce
Moxiecode File Manager (MCFileManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.
d69aae839dcc779cfba73a5bfb9cc79a717869c8399e3bd4c4f76e7dab581afe
Various WordPress plugins that embed video-js.swf suffer from cross site scripting vulnerabilities. These include Video Embed and Thumbnail Generator, External "Video for Everybody", 1player, S3 Video and EasySqueezePage.
5353566b47099624d07091f78ba99de22b3590171921393a6150f67e5e76fda4
WordPress Search and Share plugin versions 0.9.3 and below suffer from cross site scripting and path disclosure vulnerabilities.
d3f719826cc457e3ab50d980ad4af6a0ee7713b621aca27072a59e42c82c49ab
JW Player and JW Player Pro versions prior to 5.10.2393 suffer from a cross site scripting vulnerability.
3245ddea3643dcef93da43abf81563693bdd734be6dea6a9c28c227473275b39
VideoJS suffers from a cross site scripting vulnerability.
139174ef78c5cd7005b493eea97a84315c36e8d0deb9be083d494629a3bc8d5d
jPlayer versions prior to 2.2.23 suffers from cross site scripting and content spoofing vulnerabilities.
f94ef8fdaa3dc74661bbc1b8766b3b3b4a20d05453c794dd0c73d914c5ee1c5e
WordPress Colormix theme suffers from cross site scripting, path disclosure, and content spoofing vulnerabilities.
1a6d8b2caf5b79f12115a437ecd623f9858b32df35626257b4cff71c1392af40
AI-Bolit suffers from brute force and information leakage vulnerabilities.
cd659b08454a502774ca7e794c443e308ef7ac01e2ca247b422c8b380af6fd68
CMS Dotclear version 2.4.4 suffers from cross site scripting and content spoofing vulnerabilities.
625cc001772f2b42ce6045d05996c1d2b54a79d66309e300357424fc1b5ada2f
ZeroClipboard.swf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities.
ccfe1281dfc6e4e26e5a0d6d1b3b97070667132a8dc4e5c06f901a7d32b12f8c
Lotus Domino versions 8.5.4 and below suffer from multiple cross site scripting vulnerabilities.
341d00e048b74b02c865cf233315d109c732984dccad4ca99ee5119609246fa4
SWFUpload suffers from cross site scripting and content spoofing vulnerabilities.
867eb7440d9bd9d939fee46d88b71c63491809a696ba27253555d88f0a1d94e1
This file contains multiple cross site request forgery proof of concepts for old issues associated with the D-Link DAP 1150.
1ce4b9cbe4f534fbae4789b1f32592413776835b37addb31f2b0d689d734ecd4
This is a demonstration cross site request forgery exploit for Question2Answer that also takes advantage of an insufficient anti-automation issue.
e8a626660486f464fd58c9ab8052bbb89a6150a1f60768dade0cfcad6e8669e4
Question2Answer version 1.5.2 suffers from cross site request forgery, anti-automation, and brute force vulnerabilities.
0d285a8516708b72c2d0587d8018386c2f041ad61b1c7ef403600b7cc65fc295
YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery are all affected by the cross site scripting issues discovered in ZeroClipboard as they include the swf.
d81a83c614cfc84ec66ca68b939dab7074dc98d401693f0c5c6943182dcd0229
ZeroClipboard version 1.0.7 suffers from a cross site scripting vulnerability.
af0fb722151319ca3401d5bdc35794d73db7ab87076d7f0e2c5f17677005d202