Jupiter CMS <= 1.1.5 - Multiple XSS Attack Vectors

No description provided by source. Jupiter CMS = 1.1.5 multiple XSS attack vectors. Discovered by: Nomenumbra/0x4F4C Date: 3/11/2006 impact:high privilege escalation,site defacement Jupiter CMS http://www.highstrike.net/ is a dynamic CMS system like mambo or limbo, allowing users to subscribe and...

WebsiteBaker CMS lack of sanitizing

WebsiteBaker CMS lack of sanitizing Discovered by: Nomenumbra Date: 6/4/2006 impact:moderate privilege escalation,possible defacement A user's display name isn't filtered at all, allowing them to insert any HTML of javascript code at will. Nomenumbra/0x4F4C...

SF-UsersXSS.txt

SF-Users V1.0 XSS injection Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement The username with which you sign up isn't properly sanitized so it's possible to insert some javascript there. The single quote is filtered so we'll have to use ' or %27. ...

russcomMultiple.txt

Russcom.net Loginphp multiple vulnerabilties Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement Russcom.net's loginphp script is a small usermanagement script: Users can sign up for a username which they can use to login to the password protected mai...