Lucene search
K

3566 matches found

securityvulns
securityvulns
added 2005/09/26 12:0 a.m.22 views

Courier mail server crossite scripting

Internet Explorer Conditional Comments crossite scripting with sqwebmail...

2.3AI score
Exploits0References1Affected Software1
NVD
NVD
added 2005/09/07 7:7 p.m.19 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.5AI score0.02172EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2005/09/07 7:7 p.m.17 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS6AI score0.02172EPSS
Exploits0References2
OSV
OSV
added 2005/09/07 7:7 p.m.2 views

DEBIAN-CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.7AI score0.02172EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2005/09/07 4:0 a.m.38 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.6AI score0.02172EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2005/09/07 12:0 a.m.10 views

PT-2005-3706 · Maxdev · Maxdev Md-Pro

Name of the Vulnerable Software and Affected Versions: MAXdev MD-Pro versions 1.0.72 and earlier Description: The issue affects one or more modules in MAXdev MD-Pro, including the Download, Search, Web links, Blocks, Messages, News, Comments, Settings, Stats, or subjects modules. The impact and...

10CVSS6.5AI score0.01422EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/09/06 12:0 a.m.25 views

[Full-disclosure] Secunia Research: SqWebMail Conditional Comments Script Insertion Vulnerability

====================================================================== Secunia Research 06/09/2005 - SqWebMail Conditional Comments Script Insertion Vulnerability - ====================================================================== Table of Contents Affected...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2005/09/02 12:0 a.m.27 views

XSS in GreyMatter blog

Graymatter - perl based web blog. offsite: http://www.greymatterforums.com/ GM analyze posting comments and if post contain some dangerous code like script/script, administrator get message about it in log files. Log files contain not only message, but dangerous code. When admin try to look log...

7.4AI score
Exploits0
NVD
NVD
added 2005/08/24 4:0 a.m.18 views

CVE-2005-2689

Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via 1 the moderate parameter to the Comments module or 2 htmltext parameter to html/user.php...

2.6CVSS5.8AI score0.01434EPSS
Exploits1References2
Cvelist
Cvelist
added 2005/08/24 4:0 a.m.22 views

CVE-2005-2689

Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via 1 the moderate parameter to the Comments module or 2 htmltext parameter to html/user.php...

5.8AI score0.01434EPSS
Exploits1References2
NVD
NVD
added 2005/08/17 4:0 a.m.13 views

CVE-2005-2608

SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting XSS attacks in vulnerable applications that use SafeHTML...

4.3CVSS5.8AI score0.00938EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/08/17 4:0 a.m.17 views

CVE-2005-2608

SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting XSS attacks in vulnerable applications that use SafeHTML...

5.8AI score0.00938EPSS
Exploits0References2
0day.today
0day.today
added 2005/08/03 12:0 a.m.143 views

vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)

Exploit for unknown platform in category web applications ==================================================================== vBulletin 'vBulletin '$Revision: 1.0 $', 'Authors' = 'str0ke' , 'Arch' = , 'OS' = , 'Priv' = 0, 'UserOpts' = 'RHOST' = 1, 'ADDR', 'The target address', 'RPORT' = 1, 'PORT...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/07/06 4:0 a.m.19 views

CVE-2005-2152

SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article...

8.4AI score0.01211EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/07/06 12:0 a.m.41 views

[Full-disclosure] Quickblogger

------------------------------------------------------------ - EXPL-A-2005-011 exploitlabs.com Advisory 040 - ------------------------------------------------------------ - QuickBlogger - AFFECTED PRODUCTS ================= QuickBlogger 1.4 and earlier http://www.jlwebworks.net/ OVERVIEW ========...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2005/07/05 12:0 a.m.26 views

Drupal 4.5.3 4.6.1 - Comments PHP Injection

Drupal 4.5.3 4.6.1 - Comments PHP Injection !/usr/bin/perl Mon Jul 4 18:19:35 CEST 2005 [email protected] DRUPAL-SA-2005-002 php injection in comments yes, its lame Hax0r code here, read before execute Run without arguments to show the help. BLINK! BLINK! BLINK! BLINK! Feel free to port to anoth...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/05 12:0 a.m.57 views

Drupal 4.5.3 &lt; 4.6.1 - Comments PHP Injection

!/usr/bin/perl Mon Jul 4 18:19:35 CEST 2005 [email protected] DRUPAL-SA-2005-002 php injection in comments yes, its lame Hax0r code here, read before execute Run without arguments to show the help. BLINK! BLINK! BLINK! BLINK! Feel free to port to another stupid script language mIRC, python, TCL ...

7.4AI score
Exploits0
CVE
CVE
added 2005/06/30 4:0 a.m.58 views

CVE-2004-2138

AllWebScripts MySQLGuest is affected by a cross-site scripting (XSS) vulnerability in AWSguest.php. The issue allows remote attackers to inject arbitrary HTML/PHP via the fields Name, Email, Homepage, or Comments. The exact vulnerable component is AWSguest.php within AllWebScripts MySQLGuest; und...

6.8CVSS6.2AI score0.01473EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2005/06/30 12:0 a.m.30 views

[Full-disclosure] [DRUPAL-SA-2005-002] Drupal 4.6.2 / 4.5.4 fixes input validation issue

---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2005-002 ---------------------------------------------------------------------------- Advisory ID: DRUPAL-SA-2005-002 Date: 2005-jun-29 Security risk: highly critical Impact: system...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2005/06/29 12:0 a.m.47 views

drupal -- PHP code execution vulnerabilities

Kuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed...

7.5CVSS6.7AI score0.79071EPSS
Exploits5References1
Rows per page
Query Builder