321 matches found
LinPHA 1.3.2/1.3.3 login.php XSS
CVE-2008-6571. Webapps exploit for php platform. source: http://www.securityfocus.com/bid/34500/info LinPHA is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Attackers can leverage these...
Achievo 1.3.2 - 'atknodetype' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31326/info Achievo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Sama Educational Management System - 'error.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31242/info Sama Educational Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Yogurt Social Network 3.2 rc1 Module for XOOPS - scrapbook.php?uid Cross-Site Scripting
source: https://www.securityfocus.com/bid/30618/info Yogurt Social Network is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
Softbiz Image Gallery - 'changepassword.php?msg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30546/info Softbiz Photo Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...
Softbiz Image Gallery - config.php?msg Cross-Site Scripting
source: https://www.securityfocus.com/bid/30546/info Softbiz Photo Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to...
GlassFish Application Server - resourceNodecustomResourceNew.jsf Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data...
Prozilla Hosting Index - 'cat_id' SQL Injection
ECHOADV88$2008 Prozilla Hosting Index directory.php catid Blind Sql Injection Vulnerability...
Invision Power Board 2.x - Signature iFrame Security
source: https://www.securityfocus.com/bid/28466/info Invision Power Board IP.Board is prone to a security vulnerability that can aid attackers in social-engineering attacks. Attacker-supplied script code could exploit vulnerabilities in the...
MyNews 1.6.x - 'hash' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27652/info MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...
MyPHP Forum 'faq.php' and 'member.php' Multiple SQL Injection Vulnerabilities
MyPHP Forum is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in t...
LiveCart 1.0.1 - return Cross-Site Scripting (1)
source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
CMS Made Simple <= 1.2.2 (TinyMCE module) SQL Injection Vuln
No description provided by source. CMS Made Simple <= 1.2.2 TinyMCE module - Remote SQL Injection Advisory. author...: EgiX...
esyndicatles-sql.txt
eSyndiCat Link Exchange Script - Remote SQL Injection Advisory. author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.esyndicat.com/ dork.....: "© 2005-200...
Alstrasoft e-Friends 4.98 - seid Multiple SQL Injections
ECHOADV85$2007 alstrasoft E-Friends = 4.98 seid...
Liferay Portal 4.1 Login Script - Cross-Site Scripting
source: https://www.securityfocus.com/bid/26470/info Liferay Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
Comersus Cart 7.0.7 - 'comersus_customerAuthenticateForm.asp' redirectUrl Cross-Site Scripting
source: https://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. The attacker may...
Comersus Cart 7.0.7 - comersus_customerAuthenticateForm.asp redirectUrl Cross-Site Scripting
source: https://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, acce...
Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
No description provided by source. 6.30 10/06/2007 Microsoft Windows DirectSpeechSynthesis Module XVoice.dll 4.0.4.2512 / DirectSpeechRecognition Module Xlisten.dll 4.0.4.2512 remote buffer overflow exploit/ xp sp2 version both dlls are vulnerable, this is the poc for the first one...
Microsoft IE dxtmsft.dll Multiple ActiveX COM Object DoS
Microsoft Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when a user accesses a malicious web site that contains scripting code calling a number of ActiveX COM objects in the dxtmsft.dll library, and will result in loss of availability for the...