Lucene search
+L

417 matches found

Packet Storm
Packet Storm
added 2009/12/08 12:0 a.m.23 views

Viscacha 0.8 Gold Cross Site Scripting

Viscacha 0.8 Gold persistant XSS vulnerability Found By: mrme Download: http://www.viscacha.org/ Tested On: Windows Vista Note: For educational purposes only POC Info: A regular user of the board can embed javascript code that could be executed within the context of the admin's browser. If the us...

Exploits0
exploitpack
exploitpack
added 2009/11/01 12:0 a.m.19 views

PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection

PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/41929/info Twonky Server is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/26 12:0 a.m.20 views

IBM Tivoli Identity Manager 5.0.5 - User Profile HTML Injection

source: https://www.securityfocus.com/bid/36293/info IBM Tivoli Identity Manager is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/08/06 12:0 a.m.24 views

Multi Website 1.5 - search HTML Injection

Multi Website 1.5 - search HTML Injection source: https://www.securityfocus.com/bid/43245/info Multi Website is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/22 12:0 a.m.19 views

Curverider Elgg 1.0 - Templates HTML Injection

source: https://www.securityfocus.com/bid/43871/info Elgg is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Exploits require the attacker be an authenticated user; this permission may be trivial ...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2009/05/07 12:0 a.m.31 views

Google Chrome XSS Vulnerability

The host is installed with Google Chrome and is prone to XSS vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromexssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Google Chrome XSS Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.ne...

4.3CVSS0.4AI score0.00448EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2009/03/22 12:0 a.m.27 views

ExpressionEngine 1.6 - Avtaar Name HTML Injection

source: https://www.securityfocus.com/bid/34193/info ExpressionEngine is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the contex...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/12/29 12:0 a.m.13 views

MagpieRSS 0.72 - CDATA HTML Injection

MagpieRSS 0.72 - CDATA HTML Injection source: https://www.securityfocus.com/bid/33044/info MagpieRSS is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scri...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2008/07/08 12:0 a.m.16 views

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

Exploits0
Exploit DB
Exploit DB
added 2008/05/11 12:0 a.m.21 views

ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection

source: https://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context ...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/07/19 2:46 a.m.3 views

security flaw

Cross-site scripting XSS vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the 1 addEventListener or 2 setTimeout function, probably by setting events that activate after the context...

4.3CVSS7.5AI score0.01349EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2007/03/26 12:0 a.m.23 views

Fizzle 0.5 - RSS Feed HTML Injection

source: https://www.securityfocus.com/bid/23144/info Fizzle is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/12/09 12:0 a.m.36 views

KDPics 1.111.16 - index.php3?categories Cross-Site Scripting

KDPics 1.111.16 - index.php3?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2006/12/09 12:0 a.m.38 views

KDPics 1.111.16 - galeries.inc.php3?categories Cross-Site Scripting

KDPics 1.111.16 - galeries.inc.php3?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/09 12:0 a.m.111 views

KDPics 1.11/1.16 - 'index.php3?categories' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied input. A successful exploit may allow unauthorized users to vie...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/06/09 12:0 a.m.13 views

Baby Katie Media VSReal and VScal 1.0 - myslideshow.php?title Cross-Site Scripting

Baby Katie Media VSReal and VScal 1.0 - myslideshow.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/18350/info vsREAL and vSCAL are prone to multiple cross-site scripting vulnerabilities. These issues are due to the applications' failure to properly sanitize user-supplied...

0.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/03/12 12:0 a.m.38 views

SquirrelMail: Cross-site scripting and IMAP command injection

Background SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP protocols. Description SquirrelMail does not validate the rightframe parameter in webmail.php, possibly allowing frame replacement or cross-site scripting CVE-2006-0188. Martijn Brinkers and Scott Hughes...

5CVSS7.1AI score0.02296EPSS
Exploits1
Rows per page
Query Builder