3838 matches found
wb news (webmobo) 2.3.3 - Persistent Cross-Site Scripting
wb news webmobo 2.3.3 - Persistent Cross-Site Scripting Title: WB News Webmobo 2.3.3 Stored XSS Vendor: http://www.webmobo.org/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...
Joomla ZiMB Comment 0.8.1 Local File Inclusion
================================================================================================================= o Joomla Component ZiMB Comment Local File Inclusion Vulnerability Software : comzimbcomment version 0.8.1 Vendor : http://www.zimbllc.com/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY...
Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion
Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion ================================================================================================================= o Joomla Component ZiMB Comment Local File Inclusion Vulnerability Software : comzimbcomment version 0.8.1 Vendor :...
Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion
================================================================================================================= o Joomla Component ZiMB Comment Local File Inclusion Vulnerability Software : comzimbcomment version 0.8.1 Vendor : http://www.zimbllc.com/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY...
Joomla JA Comment Local File Inclusion
========================================================================================================= o Joomla Component JA Comment Local File Inclusion Vulnerability Software : comjacomment Vendor : http://www.joomlart.com/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY Paman zxvf s4va Contact :...
Joomla! Component JA Comment - Local File Inclusion
Joomla! Component JA Comment - Local File Inclusion ========================================================================================================= o Joomla Component JA Comment Local File Inclusion Vulnerability Software : comjacomment Vendor : http://www.joomlart.com/ Author :...
Joomla! Component JA Comment - Local File Inclusion
========================================================================================================= o Joomla Component JA Comment Local File Inclusion Vulnerability Software : comjacomment Vendor : http://www.joomlart.com/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY Paman zxvf s4va Contact :...
Cross site scripting
Cross-site scripting XSS vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter aka the Comment Box in a noentryid action. NOTE: some of these details are obtained from third party information...
CVE-2010-1048
Cross-site scripting XSS vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter aka the Comment Box in a noentryid action. NOTE: some of these details are obtained from third party information...
CSICE XSS and CSRF Vulnerability
Exploit for unknown platform in category web applications ================================ CSICE XSS and CSRF Vulnerability ================================ http://www.csice.org/ Suffers from XSS and CSRF cross site scripting and cross site request forgery attacks. The vulnerability lies in the...
CSICE Cross Site Request Forgery / Cross Site Scripting
http://www.csice.org/ Suffers from XSS and CSRF cross site scripting and cross site request forgery attacks. The vulnerability lies in the Post comment filelds in the following page move to this page 'only for authenticated user' http://www.csice.org/student/subjects.html and choose a subject and...
Cross site scripting
Cross-site scripting XSS vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the reports comment box in a continueassess action. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in the comment submission interface includes/comment.php in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
Silverstripe <= v2.3.4: two XSS vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Silverstripe CMS, http://silverstripe.org/, version 2.3.4 and lower and its unreleased 2.4 branch, is vulnerable to two Cross Site Scripting issues. 1. The comment posting mechanism of Silverstripe 'PostCommentForm' fails to properly sanitize the...
CVE-2009-4623
Multiple PHP remote file inclusion vulnerabilities in Advanced Comment System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the ACSpath parameter to 1 index.php and 2 admin.php in advancedcommentsystem/. NOTE: this might only be a vulnerability when the administrator has n...
CVE-2009-4623
CVE-2020-35598 (Advanced Comment System 1.0) is affected by Local File Inclusion via advanced_component_system/index.php?ACS_path=..%2f. Exploitation can lead to unauthorized file access and, per the Nuclei entry, may enable remote code execution and full system compromise. CVE-2009-4623 is relat...
CVE-2009-4623
Multiple PHP remote file inclusion vulnerabilities in Advanced Comment System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the ACSpath parameter to 1 index.php and 2 admin.php in advancedcommentsystem/. NOTE: this might only be a vulnerability when the administrator has n...
CentOS 5 : gstreamer-plugins-base (CESA-2009:0352)
Updated gstreamer-plugins-base packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework based on graphs of filters which operat...
WordPress <2.0.6 评论表格SQL注入漏洞
No description provided by source...
Path traversal
The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path...