Unfixed XSS vulnerability at irish-charts.com
Security researcher Viper.aT submitted on 12/04/2008 a cross-site scripting (XSS) vulnerability affecting irish-charts.com, which at the time of submission ranked 10365959 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/04/2008. It is...
CVE-2008-5193
Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024...
CVE-2008-5185
The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using ""...
Unfixed XSS vulnerability at foro.sfpcoahuila.gob.mx
Security researcher xylitol submitted on 11/08/2008 a cross-site scripting (XSS) vulnerability affecting foro.sfpcoahuila.gob.mx, which at the time of submission ranked 1120000 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/06/2009. It i...
[SECURITY] Fedora 9 Update: ipsec-tools-0.7.1-5.fc9
This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon...
Opera Web Browser Command Execution and XSS Vulnerabilities (Linux)
The host is installed with Opera Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperacmdexecnxssvulnlin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Opera Web Browser Command Execution and XSS Vulnerabilities Linux Authors: Chandan S Copyright: Copyright c 20...
Opera Web Browser Command Execution and XSS Vulnerabilities (Windows)
The host is installed with Opera Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperacmdexecnxssvulnwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Command Execution and XSS Vulnerabilities Windows Authors: Chandan S Copyright: Copyright c...
Opera Web Browser Multiple XSS Vulnerability (Windows)
The host is installed with Opera web browser and is prone to multiple Cross Site Scripting XSS Vulnerability. OpenVAS Vulnerability Test $Id: gboperamultvulnoct08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Multiple XSS Vulnerability Windows Authors: Chandan S Copyright:...
Unfixed XSS vulnerability at www.web-agri.fr
Security researcher Mystick submitted on 30/10/2008 a cross-site scripting (XSS) vulnerability affecting www.web-agri.fr, which at the time of submission ranked 366665 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is current...
CVE-2008-4789
CVE-2008-4789 — Drupal core upgrade/validation issue. The vulnerability affects Drupal 6.x before 6.5, where the validation logic in the core upload module allows remote authenticated users to bypass access controls and attach files to content. The root cause is described as a logic error in vali...
[Backports-security-announce] Security Update for pidgin
Gerfried Fuchs uploaded new packages for pidgin which fixed the following security problem: CVE-2008-2957, Debian Bug 488632 The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory...
Opera Stored Cross Site Scripting Vulnerability
Opera Stored Cross Site Scripting Vulnerability. Vendor Website: http://www.opera.com. Affected Version: All desktop versions. Public disclosure on 22nd October 2008...
websvn-xssfhce.txt
WebSVN alertdocument.cookie; A url like the one above would display a JavaScript alert window containing the cookie data of any set cookies for the domain. File Handling Issues: There are some file handling issues in the RSS functionality used by WebSVN. The issue is caused by the following bit o...
CVE-2008-4177
SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
RhinoSoft Serv-U SFTP Remote Denial of Service Vulnerability
RhinoSoft Serv-U SFTP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Abuse of Functionality vulnerability in WP-ContactForm for WordPress
Hello 3APA3A! I am reporting an Abuse of Functionality vulnerability that I found in the WP-ContactForm plugin for WordPress. Abuse of Functionality: The contact page has a "Copy yourself on the form submission" feature. It is enabled in the Copy Option settings and has the effect that through the site...
Microsoft Messenger unauthorized ActiveX access
Messenger.UIAutomation.1 ActiveX allows access to application functionality...
Cross site scripting
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags...
CVE-2008-3567
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags...