MyBB 1.0.11.0.2 Notepad - usercp.php HTML Injection

MyBB 1.0.11.0.2 Notepad - usercp.php HTML Injection source: https://www.securityfocus.com/bid/16361/info MyBB is prone to an HTML-injection vulnerability. This issue is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied...

mnemo -- Cross site scripting vulnerabilities in several of the notepad name and note data fields

Announce of Mnemo H3 2.0.3 final: This 2.0.3 is a security release that fixes cross site scripting vulnerabilities in several of the notepad name and note data fields. None of the vulnerabilities can be exploited by unauthenticated users; however, we strongly recommend that all users of Mnemo 2.0...

FUD Forum < 2.7.1 PHP code injection vurnelability

Avatar upload in FUD Forum 2.7.1 may be tricked to upload a PHP file. To do so merge a graphic avatar file with a PHP file. cat foo.png foo.php uploadme.php under linux/unix. On win try notepat :...

CVE-2005-2430

Multiple cross-site scripting XSS vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 forumid or 2 groupid parameter to forum.php, 3 projecttaskid parameter to task.php, 4 id parameter to detail.php, 5 the text field on the search page, 6 groupid...

Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability

Exploit for unknown platform in category local exploits ================================================================= Kaspersky AntiVirus "klif.sys" Privilege Escalation Vulnerability ================================================================= / Added NOSTRICT to 1 on line 2 /str0ke !...

MS Windows (HTA) Script Execution Exploit (MS05-016)

Exploit for unknown platform in category local exploits ==================================================== MS Windows HTA Script Execution Exploit MS05-016 ==================================================== / Changed date in db to place it on the main page instead of it being bumped off /str0...

CVE-2004-1624

Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via 1 the help topic interface in CCW32.exe, which launches Notepad, or 2 the help button in the Carbon Copy Scheduler CCSched.exe...

Microsoft Windows Task Scheduler (XP2000) - .job (MS04-022)

Microsoft Windows Task Scheduler XP2000 - .job MS04-022 // // Microsoft Windows 2K/XP Task Scheduler Vulnerability MS04-022 // Proof-of-Concept Exploit for English WinXP SP1 // 15 Jul 2004 // // Running this will create a file "j.job". When explorer.exe or any // file-open dialog box accesses the...

Microsoft Windows Task Scheduler (XP/2000) - '.job' (MS04-022)

// // Microsoft Windows 2K/XP Task Scheduler Vulnerability MS04-022 // Proof-of-Concept Exploit for English WinXP SP1 // 15 Jul 2004 // // Running this will create a file "j.job". When explorer.exe or any // file-open dialog box accesses the directory containing this file, // notepad.exe will be...