Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability

Open Source Solutions ViMbAdmin is an open source Web-based virtual mailbox management system from Open Source Solutions, Ireland. The system supports administrators to manage domains , mail and aliases and so on. A cross-site scripting vulnerability exists in Open Source Solutions ViMbAdmin...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 transport parameter to domain/add; the 3 name parameter to mailbox/add/did/; the 4 goto parameter to alias/add/did/; or the 5 captchatext...

Rumble Mail Server 0.51.3135 Cross Site Scripting

Exploit title: Rumble Mail Server v/0.51.3135 = Stored Cross Site Scripting Download Software: https://sourceforge.net/projects/rumble/?source=directory Author: Nassim Asrir Author Company: Henceforth Contact: [email protected] Tested On: Win7 What is Rumble: --------------------------------...

CVE-2015-4854

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle...

Wing FTP Server Admin /admin_loglist.html Cross-Site Scripting Vulnerability

WingFTPServer is a professional cross-platform FTP server , it has good speed , reliability and a friendly configuration interface . Wing FTP Server Admin /adminloglist.html domain parameter handling has a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerabilit...

Social Engineering Email Sender – SEES

SEES – Social Engineering Email Sender Most of the companies nowadays have their firewalls, threat monitoring and prevention security appliances setup. With these mechanisms in place, security precautions are taken and incidents are monitored. Inbound traffic being restricted, SEES on the other...

CVE-2014-8351

SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...

Sql injection

SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...

CVE-2014-8351

SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the 1 ipaddress or 2 domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance ...

CVE-2012-1787

Multiple cross-site scripting XSS vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 FILE, or 3 DOMAIN parameters...

MediaInSpot CMS - SQL Injection

Exploit Title: Media In Spot SQL Injection Google Dork: intext:""Powered By Media In Spot" Date: 16/05/2011 Author: Iolo Morganwg Category: Web App Version: PHP Tested on: Windows XP Vendor: http://www.mediainspot.com/ Note: domain parameter is vulnerable to sql injection Vulnerability...

Sql injection

SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter...

CVE-2010-1271

SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter...

Directory traversal

Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. dot dot in the domain parameter...

CVE-2008-6297

Cross-site scripting XSS vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the 1 domain and 2 d1 parameters...

DEBIAN-CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

Null pointer dereference

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

CVE-2008-3746

CVE-2008-3746 - neon vulnerability details (supported by connected docs) Affected software: neon 0.28.0 through 0.28.2. The issue is described across multiple advisories as a denial of service caused by a NULL pointer dereference in the digest authentication code, related to Digest authentication...

CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...