4727 matches found
Code injection
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering...
CVE-2011-2984
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering...
Nuclear-Blog v4.0 message board XSS vulnerability - vulnerability warning - the black bar safety net
In fact, this vulnerability, at the time the release of the Nuclear-Blog v4.0 Source Code the day it was discovered, found that people are t00ls a core, and then I directly up, but the network disk download is still not up, so the current market for all Nuclear-Blog v4.0 are the presence of thi...
Apache Archiva 1.3.4 Cross Site Scripting
Hi, This is regarding multiple XSS Cross Site Scripting Vulnerabilities in Apache Archiva 1.3.4 and previous versions. The following is the disclosure document Project: Apache Archiva Severity: High Versions: 1.3.0 - 1.3.4. The unsupported versions Archiva 1.0 - 1.2.2 are also affected. Exploit...
HTB22979: Multiple XSS (Cross Site Scripting) vulnerabilities in Argyle Social
Vulnerability ID: HTB22979 Reference: http://www.htbridge.ch/advisory/multiplexsscrosssitescriptingvulnerabilitiesinargylesocial.html Product: Argyle Social Vendor: Argyle Social http://argylesocial.com/ Vulnerable Version: Current at 26/04/2011 Vendor Notification: 28 April 2011 Vulnerability...
Classmates XSS cross-site vulnerabilities - vulnerability warning - the black bar safety net
Vulnerability description: A design flaw in Classmates 1.1.1 leads to an XSS cross-site vulnerability; a user can execute arbitrary JavaScript code in the vulnerable application. Since the vulnerability exists in "/themes/default/header.inc.php" script is not properly sanitized of user-supplied input t...
PHP Directory Listing Script 3.1 Cross Site Scripting
Vulnerability ID: HTB22968 Reference: http://www.htbridge.ch/advisory/xssinphpdirectorylistingscript.html Product: PHP Directory Listing Script Vendor: http://www.evoluted.net Vulnerable Version: 3.1 Vendor Notification: 21 April 2011 Vulnerability Type: XSS Cross Site...
SelectaPix Image Gallery 1.4.1 Cross Site Scripting
Vulnerability ID: HTB22964 Reference: http://www.htbridge.ch/advisory/xssinselectapiximagegallery.html Product: SelectaPix Image Gallery Vendor: http://www.outofthetrees.co.uk/ Vulnerable Version: 1.4.1 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cro...
HTB22964: XSS in SelectaPix Image Gallery
Vulnerability ID: HTB22964 Reference: http://www.htbridge.ch/advisory/xssinselectapiximagegallery.html Product: SelectaPix Image Gallery Vendor: http://www.outofthetrees.co.uk/ Vulnerable Version: 1.4.1 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cro...
HTB22965: Multiple XSS vulnerabilities in BackupPC
Vulnerability ID: HTB22965 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinbackuppc.html Product: BackupPC Vendor: Craig Barratt http://backuppc.sourceforge.net/ Vulnerable Version: 3.1.0, perhaps 3.2.0 also vulnerable Vendor Notification: 14 April 2011 Vulnerability Type:...
phpGraphy 0.9.13b Cross Site Request Forgery / Cross Site Scripting
Vulnerability ID: HTB22959 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 1...
Snom IP Phone Web Interface Multiple Vulnerabilities
Exploit for hardware platform in category web applications. Live by the byte. Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: email protected...
Noah's Classifieds 5.0.4 Cross Site Scripting
Vulnerability ID: HTB22952 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinnoahsclassifieds.html Product: Noah's Classifieds Vendor: Noah's Classifieds http://www.noahsclassifieds.org/ Vulnerable Version: 5.0.4 and probably prior versions Vendor Notification: 12 April 2011...
Noahs Classifieds 5.0.4 - index.php Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/47578/info Noah's Classifieds is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScrip...
Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/47578/info Noah's Classifieds is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing t...
HTB22956: XSS vulnerabilities in phpList
Vulnerability ID: HTB22956 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphplist.html Product: phpList Vendor: Tincan Ltd http://www.phplist.com/ Vulnerable Version: 2.10.13 and probably prior versions Vendor Notification: 12 April 2011 Vulnerability Type: XSS Risk level: Medium...
Snom IP Phone Web Interface XSS / Disclosure
Live by the byte. Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] Snom IP Phone is vulnerable to an XSS...
Google Chrome 'WebKit' CSS Implementation DoS Vulnerability - Windows
Google Chrome is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
SocialGrid WordPress Plugin 2.3 Cross Site Scripting
Vulnerability ID: HTB22940 Reference: http://www.htbridge.ch/advisory/xssinsocialgridwordpressplugin.html Product: SocialGrid wordpress plugin Vendor: Michael Whalen http://whalesalad.com Vulnerable Version: 2.3 Vendor Notification: 05 April 2011 Vulnerability Type: XSS Cross Site Scripting Risk...
CVE-2011-1691
Removed by vendor...