205 matches found
CVE-2013-5646
Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...
Cross site scripting
Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...
CVE-2013-5646
Roundcube webmail 1.0-git is affected by a cross-site scripting (XSS) vulnerability that allows remote authenticated users to inject arbitrary web script or HTML through the Name field of an addressbook group. The linked sources consistently describe XSS in this component/version, but do not prov...
CVE-2013-5646
Cross-site scripting XSS vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group...
Fedora Update for kdelibs3 FEDORA-2013-8689
Check for the Version of kdelibs3 OpenVAS Vulnerability Test Fedora Update for kdelibs3 FEDORA-2013-8689 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Addressbook v8.1.24.1 Group Name XSS
Instructions. After authentication, click on the Group tab at the top. Click on the New Group Button on the group page. For the group name the first field enter the following XSS test string: SCRIPTalertString.fromCharCode88,83,83/SCRIPT Then call the XSS string from the URL -- technically one...
mieric AddressBook 1.0 - SQL Injection
mieric AddressBook 1.0 - SQL Injection ----------------------------------------------------- mieric addressBook 1.0 Vendor information: "MieRic address book is wrote in PERL and holds data via a MYSQL database. Users can add multiple EMAIL, ADDRESS, PHONE, CONTACTS, IMAGE AVATAR and PGP keys as...
mieric AddressBook 1.0 - SQL Injection
----------------------------------------------------- mieric addressBook 1.0 Vendor information: "MieRic address book is wrote in PERL and holds data via a MYSQL database. Users can add multiple EMAIL, ADDRESS, PHONE, CONTACTS, IMAGE AVATAR and PGP keys as they want. The addressBook is password...
CVE-2012-2307
Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-2306
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Sql injection
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-2306
The CVE-2012-2306 entry concerns the Drupal Addressbook contributed module, affected in 6.x-4.2 and earlier. The root cause is a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact is described as potential partial confidentia...
CVE-2012-2307
Cross-site request forgery CSRF vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-2307
CVE-2012-2307 describes a Cross-site request forgery (CSRF) in the Drupal contributed Addressbook module (versions 6.x-4.2 and earlier) that could allow remote attackers to hijack user authentication via unspecified vectors. Root cause details are not provided in the documents. The Drupal SA advi...
SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported
This module contains a simple addressbook. The module has multiple issues including SQL Injection and Cross Site Request Forgery. For the SQL Injection issue - CVE: CVE-2012-2306 For the CSRF issue - CVE: CVE-2012-2307 Versions affected 6.x-4.2 and before Drupal core is not affected. If you do no...
CVE-2010-4990
SQL injection vulnerability in the Front-edit Address Book comaddressbook component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php...
iPhone/iPad Phone Drive 1.1.1 Directory Traversal
No description provided by source. !/usr/bin/python ---------------------------------------------------------------- Software : iPhone/iPad Phone Drive 1.1.1 Type of vulnerability : Directory Traversal Tested On : iPhone 4 IOS 4.3.3/Jailbroken...
iphone/ipad phone drive 1.1.1 - Directory Traversal
!/usr/bin/python ---------------------------------------------------------------- Software : iPhone/iPad Phone Drive 1.1.1 Type of vulnerability : Directory Traversal Tested On : iPhone 4 IOS 4.3.3/Jailbroken ---------------------------------------------------------------- Program Developer :...
PHP-AddressBook v6.2.12 (view.php) SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...