CVE-2006-0927

Multiple cross-site scripting XSS vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board wBB 2.x allow remote attackers to inject arbitrary web script or HTML via the 1 userid parameter in a jgsgalerieslideshow.php and b jgsgaleriescroll.php, and the 2 katid...

CVE-2006-0927

CVE-2006-0927 describes multiple XSS vulnerabilities in the JGS-XA/JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x. The issue arises in the parameters (1) userid of jgs_galerie_slideshow.php and jgs_galerie_scroll.php, and (2) katid of jgs_galerie_slideshow.php, allowing r...

CVE-2005-4094

connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to execute arbitrary PHP by using the FileUpload command to upload a file that appears to be an image but contains PHP script...

USN-149-1: Firefox vulnerabilities

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. CAN-2005-1937 In several places the browser user interface did not...

Firefox Remote Compromise Technical Details

Firefox Remote Compromise Technical Details Before I start, I need to say that this thing has been patched on Mozilla's server. If you take a look at any of the extension install pages on their site, you will see that the install function has a bunch of random letters and numbers after it. Even...

CVE-2005-0829

Cross-site scripting XSS vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the 1 username or 2 userpass parameters...

CVE-2005-0829

Cross-site scripting XSS vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the 1 username or 2 userpass parameters...

[SA12709] yappa-ng Unspecified "Show Random Image" Vulnerability

TITLE: yappa-ng Unspecified "Show Random Image" Vulnerability SECUNIA ADVISORY ID: SA12709 VERIFY ADVISORY: http://secunia.com/advisories/12709/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: yappa-ng 2.x http://secunia.com/product/3989/ DESCRIPTION: Georg Ragaz has...

IPINSIGHT Detection

The remote host is using the IPINSIGHT program. You should ensure that the user intended to install IPINSIGHT as it is sometimes silently installed. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12015; scriptversion"1.16";...

PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure

source: https://www.securityfocus.com/bid/7191/info PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon. It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain circumstances. It should be noted that this...

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3807/info phptonuke.php is a PHPNuke AddOn script to insert a PHP script into the middle of a PHPNuke site. It is written and maintained by Lebios. It is possible for a malicious user to create a lin...

PHP-Nuke AddOn PHPToNuke.php 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/3807/info phptonuke.php is a PHPNuke AddOn script to insert a PHP script into the middle of a PHPNuke site. It is written and maintained by Lebios. It is possible for a malicious user to create a link to the phptonuke.php script which contains script code...

PHP-Nuke Network Tool 0.2 Addon - MetaCharacter Filtering Command Execution

PHP-Nuke Network Tool 0.2 Addon - MetaCharacter Filtering Command Execution source: https://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interfac...

PHP-Nuke Network Tool 0.2 Addon - MetaCharacter Filtering Command Execution

source: https://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been discovered that could allow remote...

ntmail3relay.txt

NTMail version 3 relay problem NTmail3 appears to have a small hole that allows anyone to use an NTmail3 server as a relay mail server. Basically here is how it works. NTmail3 is set to not allow relay either the TO or FROM address must be local JUCE a $500 antispamming add-on from the makers of...