Lucene search
+L

737 matches found

securityvulns
securityvulns
added 2006/03/15 12:0 a.m.40 views

[SA19215] Jupiter Content Manager "image" BBcode Script Insertion

TITLE: Jupiter Content Manager "image" BBcode Script Insertion SECUNIA ADVISORY ID: SA19215 VERIFY ADVISORY: http://secunia.com/advisories/19215/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Jupiter Content Manager 1.x http://secunia.com/product/8685/...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2006/02/18 12:0 a.m.34 views

[SA18924] PerlBLOG Multiple Vulnerabilities

TITLE: PerlBLOG Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18924 VERIFY ADVISORY: http://secunia.com/advisories/18924/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting WHERE: From remote SOFTWARE: PerlBLOG 1.x http://secunia.com/product/8128/ DESCRIPTION: Aliaksand...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/02/18 12:0 a.m.37 views

[SA18892] Siteframe Page Comment Script Insertion Vulnerability

TITLE: Siteframe Page Comment Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18892 VERIFY ADVISORY: http://secunia.com/advisories/18892/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Siteframe 5.x http://secunia.com/product/8006/ DESCRIPTION: Kiki...

1AI score
Exploits0
securityvulns
securityvulns
added 2005/12/20 12:0 a.m.28 views

[SA18132] ASPBite "strSearch" Cross-Site Scripting Vulnerability

TITLE: ASPBite "strSearch" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18132 VERIFY ADVISORY: http://secunia.com/advisories/18132/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: ASPBite 8.x http://secunia.com/product/6577/ DESCRIPTION: Preddy has...

0.9AI score
Exploits0
FreeBSD
FreeBSD
added 2005/12/07 12:0 a.m.15 views

phpmyadmin -- register_globals emulation "import_blacklist" manipulation

Secunia reports: Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...

0.2AI score
Exploits0References3
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.32 views

1- Search XSS vuln.

1- Search XSS vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/1-search-xss-vuln.html vendor:http://www.1-script.com/1search/ affected version:1.80 and prior Product Description: An advanced site search script written with search engines...

Exploits0
securityvulns
securityvulns
added 2005/12/04 12:0 a.m.76 views

Sitebeater News System XSS vuln.

Sitebeater News System XSS vuln. Vuln. dicovered by : r0t Date: 3 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/sitebeater-news-system-xss-vuln.html affected version: 4.00 and prior Product Description: News Features: mailing lists, polls, themes, attachments, search, categories,...

6.7AI score
Exploits0
FreeBSD
FreeBSD
added 2005/11/10 12:0 a.m.16 views

phpSysInfo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports: Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information. The vulnerability is caused due to an error in the "registerglobals" emulation layer where certain arrays used by the system can b...

0.5AI score
Exploits0References2
securityvulns
securityvulns
added 2005/11/08 12:0 a.m.41 views

Invision Power Board 2.1 : Multiple XSS Vulnerabilities

Fast translation of benji's advisory Author : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Product : Invision power board Version : 2.1 Tisk : Low. XSS I- XSS non critical: -------------------- 1. Input passed ...

0.5AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/07/20 12:0 a.m.34 views

MediaWiki: Cross-site scripting vulnerability

Background MediaWiki is a collaborative editing software, used by big projects like Wikipedia. Description MediaWiki fails to escape a parameter in the page move template correctly. Impact By enticing a user to visit a specially crafted URL, a remote attacker could exploit this vulnerability to...

4.3CVSS6.4AI score0.02043EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/20 12:0 a.m.26 views

GLSA-200507-18 : MediaWiki: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200507-18 MediaWiki: XSS vulnerability MediaWiki fails to escape a parameter in the page move template correctly. Impact : By enticing a user to visit a specially crafted URL, a remote attacker could exploit this vulnerability to...

4.3CVSS5.4AI score0.02043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.15 views

FreeBSD : horde -- Horde Page Title XSS Vulnerability (396ee517-a607-11d9-ac72-000bdb1444a4)

Secunia Advisory: SA14730 A vulnerability has been reported in Horde, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed when setting the parent frame's page title via JavaScript is not properly sanitised before being returned to the user. This can be...

4.3CVSS5.5AI score0.01235EPSS
Exploits0References4
Gentoo Linux
Gentoo Linux
added 2005/07/04 12:0 a.m.42 views

WordPress: Multiple vulnerabilities

Background WordPress is a PHP and MySQL based content management and publishing system. Description James Bercegay of the GulfTech Security Research Team discovered that WordPress insufficiently checks data passed to the XML-RPC server. He also discovered that WordPress has several cross-site...

7.5CVSS7AI score0.79071EPSS
Exploits5
securityvulns
securityvulns
added 2005/06/17 12:0 a.m.45 views

[SA15705] ATutor Cross-Site Scripting Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

Exploits0
Gentoo Linux
Gentoo Linux
added 2005/06/13 12:0 a.m.24 views

MediaWiki: Cross-site scripting vulnerability

Background MediaWiki is a collaborative editing software, used by big projects like Wikipedia. Description MediaWiki incorrectly handles page template inclusions, rendering it vulnerable to cross-site scripting attacks. Impact A remote attacker could exploit this vulnerability to inject malicious...

2.6AI score
Exploits0
FreeBSD
FreeBSD
added 2005/05/19 12:0 a.m.33 views

fswiki -- XSS problem in file upload form

A Secunia security advisory reports: A vulnerability has been reported in FreeStyle Wiki and FSWikiLite, which can be exploited by malicious people to conduct script insertion attacks. Input passed in uploaded attachments is not properly sanitised before being used. This can be exploited to injec...

4.3CVSS6.4AI score0.00938EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/04/18 12:0 a.m.21 views

Coppermine Gallery < 1.3.3 init.inc.php HTML Injection

Binary data 2839.prm...

4.3CVSS7.3AI score0.01177EPSS
Exploits0References1
Rows per page
Query Builder