Lucene search
+L

737 matches found

Packet Storm
Packet Storm
added 2010/04/03 12:0 a.m.21 views

Profi Einzelgebots Auktions System Cross Site Scripting

x Author: Andrea Bocchetti x Homepage : www.geekit.it // Software Info Name : Profi Einzelgebots Auktions System Demo : http://hiweb-wiesbaden.de/hammerdealv3/ Price : 399.99 Exploit : http://www.site.com/hammerdealv3/suche.php This script is possibly vulnerable to Cross Site Scripting XSS attack...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2010/01/18 12:0 a.m.12 views

SurgeFTP 2.x - surgeftpmgr.cgi Multiple Cross-Site Scripting Vulnerabilities

SurgeFTP 2.x - surgeftpmgr.cgi Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/37844/info SurgeFTP is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or...

Exploits0
OpenVAS
OpenVAS
added 2009/12/21 12:0 a.m.21 views

VMware Server Multiple XSS Vulnerabilities - Windows

VMWare Server is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.9AI score0.02777EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2009/12/09 12:0 a.m.17 views

moziloCMS Multiple Cross Site Scripting Vulnerabilities

The host is running moziloCMS and is prone to Multiple Cross Site Scripting Vulnerabilities OpenVAS Vulnerability Test $Id: gbmoziloCMSmultxssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ moziloCMS Multiple Cross Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009...

4.3CVSS0.1AI score0.01189EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/11/16 12:0 a.m.28 views

FreeBSD : wordpress -- multiple vulnerabilities (0640198a-d117-11de-b667-0030843d3802)

secunia reports : The security issue is caused due to the wpcheckfiletype function in /wp-includes/functions.php improperly validating uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions. Successful exploitation of this...

6CVSS5.9AI score0.08427EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2009/11/05 9:23 p.m.10 views

Zero-Day Flaw Found in Web Encryption

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public. The flaw allows an outsider to hijack a legitimate user’s browser session and successfully impersonate the user, the researchers said in a technical paper. Read the full story...

2.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/10/08 12:0 a.m.16 views

Symantec SecurityExpressions Audit and Compliance Server Multiple XSS

Binary data 5206.prm...

4.3CVSS7.3AI score0.01328EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2009/09/15 12:0 a.m.9 views

FreeBSD : horde-base -- multiple vulnerabilities (ee23aa09-a175-11de-96c0-0011098ad87f)

The Horde team reports : An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a...

5.7AI score
Exploits0References4
FreeBSD
FreeBSD
added 2009/06/03 12:0 a.m.34 views

joomla -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being used. This can be...

4.3CVSS6.6AI score0.04268EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/05/28 12:0 a.m.18 views

horde-base -- multiple vulnerabilities

The Horde team reports: An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a user...

7.4AI score
Exploits0References4
FreeBSD
FreeBSD
added 2009/04/21 12:0 a.m.31 views

moinmoin -- cross-site scripting vulnerabilities

Secunia reports: Input passed via multiple parameters to action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site...

4.3CVSS7AI score0.02482EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/02/28 12:0 a.m.23 views

mod_perl -- cross-site scripting

Secunia reports: Certain input passed to the "Apache::Status" and "Apache2::Status" modules is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website...

2.6CVSS9.5AI score0.29638EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.35 views

FreeBSD : typo3 -- XSS and information disclosure (cc47fafe-f823-11dd-94d9-0030843d3802)

Secunia reports : Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. Input passed via unspecified fields to the backend user interface is not properly sanitised before being...

5CVSS5.5AI score0.42227EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2009/02/01 12:0 a.m.25 views

FreeBSD : moinmoin -- multiple XSS vulnerabilities (6a523dba-eeab-11dd-ab4f-0030843d3802)

Secunia reports : Input passed to multiple parameters in action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Certain input passed to...

4.3CVSS5.9AI score0.05435EPSS
Exploits1References6
FreeBSD
FreeBSD
added 2009/01/21 12:0 a.m.42 views

moinmoin -- multiple cross site scripting vulnerabilities

Secunia reports: Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to multiple parameters in action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited ...

4.3CVSS0.3AI score0.05435EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2009/01/20 12:0 a.m.39 views

CVE-2008-5913

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a...

4.9CVSS7.2AI score0.01141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2008/12/21 12:0 a.m.39 views

FreeBSD : mediawiki -- multiple vulnerabilities (61b07d71-ce0e-11dd-a721-0030843d3802)

The MediaWiki development team reports : Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads ...

5.8CVSS5.9AI score0.01962EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2008/12/15 12:0 a.m.24 views

mediawiki -- multiple vulnerabilities

The MediaWiki development team reports: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads i...

6.8AI score
Exploits0References2
FreeBSD
FreeBSD
added 2008/11/26 12:0 a.m.28 views

wordpress -- header rss feed script insertion vulnerability

Secunia reports: Input passed via the HTTP "Host" header is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site if malicious data is viewed...

4.3CVSS7AI score0.03233EPSS
Exploits1References2
securityvulns
securityvulns
added 2008/10/26 12:0 a.m.97 views

Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability

====================================================================== Secunia Research 20/10/2008 - HP SiteScope SNMP Trap Script Insertion - ====================================================================== Table of Contents Affected...

4.3CVSS0.4AI score0.01637EPSS
Exploits1
Rows per page
Query Builder