The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote attackers to have an unspecified impact (possibly resource consumption) via a “Cache Poisoning” attack using a URL with arbitrary arguments, which triggers a reload of the page.
Monthly Archives: January 2015
SkinCrafter 3.8.1.0 Buffer Overflow
Included in this archive are three buffer overflow exploits for SkinCrafter version 3.8.1.0.
Vuln: OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
Vuln: Serendipity HTML Injection Vulnerability
Serendipity HTML Injection Vulnerability
CVE-2014-9464
SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable.
Crea8Social 2.0 Cross Site Scripting
Crea8Social version 2.0 suffers from a cross site scripting vulnerability.