social software vulnerabilities
vulnerabilities.aspcode.net
Searching social software vulnerabilities
Internet Explorer 6 and earlier allows remote a
windowcreatePopup
|
unauthorized
|
engineering
|
chromeless
|
activities
|
Javascript
|
sensitive
|
attackers
|
victim's
|
Explorer
|
Internet
|
simulate
|
display
|
windows
|
conduct
|
earlier
|
allows
|
remote
|
create
|
social
|
method
|
steal
|
using
|
which
|
allow
|
could
|
data
|
via
|
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering.
Skype 0.92.0.12 and 1.0.0.1 for Linux, and poss
Skype
|
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
SQL injection vulnerability in Akarru Social Bo
vulnerability
|
BookMarking
|
injection
|
Engine
|
before
|
Akarru
|
Social
|
SQL
|
SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php.
PHP remote file inclusion vulnerability in akar
akarrugui/main_contentphp
|
vulnerability
|
BookMarking
|
inclusion
|
Akarru
|
Social
|
remote
|
Engine
|
file
|
PHP
|
PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter.
The Social Bookmarks (del.icio.us) plug-in 8F i
Bookmarks
|
Social
|
The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file.
SQL injection vulnerability in profile/myprofil
profile/myprofilephp
|
vulnerability
|
psi-labscom
|
networking
|
injection
|
script
|
social
|
SQL
|
SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter.
Software vulnerabilities results 1 to 7 of 7
Page:
1