64 matches found
CVE-2005-3777
MyBulletinBoard MyBB 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages PM via modified fields in the inbox form...
Newsscript - Access Validation
source: https://www.securityfocus.com/bid/12761/info NewsScript is reported prone to an access validation vulnerability. This issue may allow an unauthorized attacker to add, modify and delete messages. It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET...
[Full-Disclosure] Gaim festival plugin exploit
It has come to my attention that people have actually used this example code for a gaim plugin: AIM::register"Festival TTS", "0.0.1", "goodbye", ""; AIM::print"Perl Says", "Loaded Festival TTS"; AIM::command"idle", "60000" if $pro ne "Offline"; AIM::addeventhandler"eventimrecv", "synthesize"; sub...
ProductCart XSS Vulnerability
ProductCart XSS Vulnerability found by atomix i came across the fact that in an area of ProductCart you are able to manipulate the error message, therefore allowing tags such as script and iframe to be used: http://www.website.com/ProductCart/pc/msg.asp?message=scriptalert document.cookie;/script...