ArticleSetup Multiple Persistence XSS / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Title : ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities Overview: --------- ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities. Technical Description:...

phpList 2.10.17 - SQL Injection / Cross-Site Scripting

phpList 2.10.17 Remote SQL Injection and XSS Vulnerability Vendor: phpList Ltd Product web page: http://www.phplist.com Affected version: 2.10.17 Summary: phplist is the world's most popular open source email campaign manager. phplist is free to download, install and use, and is easy to integrate...

XWiki <= 3.4 Multiple Stored XSS Vulnerabilities - Active Check

XWiki is prone to multiple stored cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla! Currency Converter Module 'from' Parameter Cross-Site Scripting Vulnerability

This host is running Joomla with Currency Converter module and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlamodcurrencyconverterxssvuln.nasl 5931 2017-04-11 09:02:04Z teissa $ Joomla! Currency Converter Module 'from' Parameter Cross-Site Scripting...

Apache Struts < 2.3.3 Showcase Multiple Persistent XSS Vulnerabilities

Apache Struts Showcase is prone to multiple persistent cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Brainkeeper Enterprise Wiki 'search.php' XSS Vulnerability

Brainkeeper Enterprise Wiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ManageEngine ADManager Plus Multiple XSS Vulnerabilities

ManageEngine ADManager Plus is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

phpLDAPadmin < 1.2.3 XSS Vulnerability - Active Check

phpLDAPadmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SiT! Support Incident Tracker 3.64 XSS / CSRF / SQL Injection

Advisory Details: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform SQL injection, cross-site scripting, cross-site request forgery attacks. 1 Input passed via the "start" GET parameter to...

SQLiteManager 'dbsel' And 'nsextt' Parameters Multiple XSS Vulnerabilities

The host is running SQLiteManager and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbsqlitemanagermultxssvuln.nasl 5950 2017-04-13 09:02:06Z teissa $ SQLiteManager 'dbsel' And 'nsextt' Parameters Multiple XSS Vulnerabilities Authors: Rachana Shetty...

Limny 3.0.1 Cross Site Scripting

Limny 3.0.1 login.php Remote URI Based Cross-Site Scripting Vulnerability Vendor: Hamidreza Samak Product web page: http://www.limny.org Affected version: 3.0.1 Summary: Limny is a free and open-source content management framework with a focus on ease to use and develop. It can be used as a stabl...

XSS in OneOrZero AIMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in OneOrZero AIMS, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in OneOrZero AIMS: CVE-2012-0989 Input appended to the URL after index.php is not properly sanitised...

Tiki Wiki CMS Groupware 'show_errors' Parameter Stored XSS Vulnerability

Tiki Wiki CMS Groupware is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CA SiteMinder 'target' Parameter Cross-Site Scripting Vulnerability

CA SiteMinder is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability

This host is running APC PowerChute Business Edition and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodapcpowerchutebusinessedtnxssvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability...

SuSE 11.1 Security Update : empathy (SAT Patch Number 5363)

The following bug has been fixed : - Insufficient quoting of nick names allowed attackers to inject arbitrary html CVE-2011-3635 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...

HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting

HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting source: https://www.securityfocus.com/bid/50978/info HS2 web interface is prone to multiple security vulnerabilities: 1. An HTML-injection vulnerability. 2. A cross-site request-forgery vulnerability. 3. A...

Expinion.Net Member Management System 'REF_URL' Parameter Cross-Site Scripting Vulnerability

The host is running Member Management System and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmembermanagementsystemxssvuln.nasl 5750 2017-03-28 14:10:17Z cfi $ Expinion.Net Member Management System 'REFURL' Parameter Cross-Site Scripting Vulnerability Authors...

Hastymail2 'rs' Parameter Cross Site Scripting Vulnerability

The host is running Hastymail2 and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodhastymail2rsparamxssvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Hastymail2 'rs' Parameter Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011...

Multiple vulnerabilities in PHPShop CMS Free

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHPShop CMS Free, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting in PHPShop CMS Free 1.1 Input appended to the URL after multiple files is not properly...