CVE-2011-4335

Multiple cross-site scripting XSS vulnerabilities in Contao before 2.10.2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php in a 1 teachers.html or 2 teachers/ action...

CVE-2011-4335

Multiple cross-site scripting XSS vulnerabilities in Contao before 2.10.2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php in a 1 teachers.html or 2 teachers/ action...

Sql injection

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO...

CVE-2011-4066

Gnuboard 4.33.02 and earlier contains a PATH_INFO-based SQL injection in bbs/tb.php that allows remote attackers to execute arbitrary SQL commands. Multiple sources (NVD entry CVE-2011-4066, Seebug/Exploit-DB listings) document this vulnerability and provide exploit examples, indicating that expl...

GNUBoard 4.33.02 - tp.php?PATH_INFO SQL Injection

GNUBoard 4.33.02 - tp.php?PATHINFO SQL Injection Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apache CVE...

Gnuboard <= 4.33.02 tp.php PATH_INFO SQL Injection

Exploit for php platform in category web applications Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apach...

CVE-2011-3861

Cross-site scripting XSS vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2011-3862

Cross-site scripting XSS vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2011-3865

Cross-site scripting XSS vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2011-3865

Cross-site scripting XSS vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2011-3356

Multiple cross-site scripting XSS vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to 1 manageconfigemailpage.php, 2 manageconfigworkflowpage.php, or 3 bugs/plugin.php...

CVE-2011-3356

Multiple cross-site scripting XSS vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to 1 manageconfigemailpage.php, 2 manageconfigworkflowpage.php, or 3 bugs/plugin.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to 1 manageconfigemailpage.php, 2 manageconfigworkflowpage.php, or 3 bugs/plugin.php...

CVE-2011-3356

Multiple cross-site scripting XSS vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to 1 manageconfigemailpage.php, 2 manageconfigworkflowpage.php, or 3 bugs/plugin.php...

Juniper Networks Junos OS CVE-2009-3485

Cross-site scripting XSS vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a...

Cross site scripting

Cross-site scripting XSS vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information...

CVE-2011-1723

Cross-site scripting XSS vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information...

CVE-2011-1671

Cross-site scripting XSS vulnerability in app/controllers/todoscontroller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to todos/tag/. NOTE: some of these details are obtained from third party information...