188 matches found
Russcom.net Loginphp multiple vulnerabilties
Russcom.net Loginphp multiple vulnerabilties Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement Russcom.net's loginphp script is a small usermanagement script: Users can sign up for a username which they can use to login to the password protected mai...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via 1 an email subject; 2 an encoded javascript URI, as demonstrated using "javascript:"; or 3 when the Domino Web Access ActiveX control is...
CVE-2005-2820
Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...
DEBIAN-CVE-2005-2820
Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...
CVE-2002-1771
Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables...
CVE-2002-1771
FormMail 1.9 and earlier contains a newline-injection flaw in the email/realname CGI variables that allows remote attackers to inject CC/BCC/TO fields, enabling spam or anonymous email. Affected component is the FormMail mailing script; impact is remote abuse without authentication. The provided ...
CVE-2004-1418
Cross-site scripting XSS vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error is generated...
XSS vulnerability in Mojo Mail Sign-Up Form
Heya, this is my first post here so go easy on me plz. I posted about this on the Mojo Bug Tracker ages ago and it's just been ignored, and besides, Im losing faith in reporting to the vendor, PHP Arena took the credit for an XSS bug I found in their paFileDB. But anyway, Mojo Mail doesn't filter...