- Description
The Communigate Pro webmail framework is prone to a stored Cross Site
Scripting vulnerability through crafted plain text email messages.
- Affected version:
5.2.14 and prior as reported from Communigate:
http://www.communigate.com/cgatepro/History52.html
- Details
This vulnerability
On Monday 02 April 2007 20:12, Gadi Evron wrote:
> Not a 0day. Just publicly released exploit code.
You're right, sorry for mistakes. I meant "first public exploit".
> This is:
> 1. Patched.
Yes: CPUJan2007
> 2. Not publicly exploitable.
Permission grant to public between 9.0.1.x and 10.1.0.x
Alle 21:54, sabato 10 febbraio 2007, Andrea Purificato - bunker ha scritto:
> Version affected: qdig-1.2.9.3, qdig-devel-20060624
Bug fixed by 1.2.9.4 and devel-20070210
Thanks to haganafox for his work,
--
Andrea "bunker&quo
Qdig - Quick Digital Image Gallery - http://qdig.sourceforge.net/)
Version affected: qdig-1.2.9.3, qdig-devel-20060624
Risk: XSS
Description:
Qdig is an easy-to-use PHP script that dynamically presents your digital image
files as an online gallery or set of galleries.
Vulnerability:
It's vuln
Alle 21:05, martedì 6 febbraio 2007, hai scritto:
> I would guess the behavior you just discovered has been
> known for a long time.
It doesn't mean that things will always be that way :-)
See here: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102215-1
> PS: Why should ps to work cor
Alle 10:33, martedì 14 marzo 2006, Marco Ivaldi ha scritto:
> I've recently stumbled upon an interesting behaviour of some Linux kernels
> that may be exploited by a remote attacker to abuse the ID field of IP
> packets, effectively bypassing the zero IP ID in DF packets countermeasure
> implemen