9747 matches found
CVE-2007-1982
Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax RSPA 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 IncludeFilePHPClass, 2 ClassPath, and 3 class parameters to a rspa/framework/Controllerv5.php, and b...
CVE-2007-1982
Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax RSPA 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 IncludeFilePHPClass, 2 ClassPath, and 3 class parameters to a rspa/framework/Controllerv5.php, and b...
CVE-2007-1982
CVE-2007-1982 concerns multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) versions up to 2007-03-23 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __clas...
PT-2007-1156
Name of the Vulnerable Software and Affected Versions: jquery versions prior to 3.0.0 Description: The issue is related to the lack of protection for the structure of web pages, allowing a remote attacker to perform cross-site scripting using cross-domain ajax requests. When a cross-domain Ajax...
RSPA Remote File Inclusion
RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client javascript events. Visit...
Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability
No description provided by source. RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client...
Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion
Really Simple PHP and Ajax RSPA 2007-03-23 - Remote File Inclusion RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server sid...
Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability
Exploit for unknown platform in category web applications ============================================================== Really Simple PHP and Ajax RSPA 2007-03-23 RFI Vulnerability ============================================================== RSPA Remote File Inclusion Really Simple PHP and Aja...
Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion
RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client javascript events. Visit...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to 1 init.php and 2 Ajax/editnews.php. NOTE: some of these details are obtained from third party information...
WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability
No description provided by source. Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP,Mysql content management system CMS e-commerce or not : ajax, workflow, content,package,language,currency,country,price,stock,group user,CSS,banner,logo,...
WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability
No description provided by source. Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP,Mysql content management system CMS e-commerce or not : ajax, workflow, content,package,language,currency,country,price,stock,group user,CSS,banner,logo,...
mediawiki-xss.txt
MediaWiki Cross-site Scripting Vulnerabilities. Date: 18/02/2007 Vendor: MediaWiki Vulnerable versions: MediaWiki 1.9.2 latest and below. Description: MediaWiki v1.8.2 and below are vulnerable to plain Cross-site scripting attack by expliting the experimental AJAX features, if enabled default. Th...
CVE-2007-1054
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...
CVE-2007-1055
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...
DEBIAN-CVE-2007-1054
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...
CVE-2007-1055
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...
Cross site scripting
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...
DEBIAN-CVE-2007-1055
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...
CVE-2007-1054
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...