1084 matches found
Unfixed XSS vulnerability at www.entreparticuliers.com
Security researcher xerces, has submitted on 19/06/2008 a cross-site-scripting XSS vulnerability affecting www.entreparticuliers.com, which at the time of submission ranked 21877 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. It is...
Cross site scripting
Cross-site scripting XSS vulnerability in WGate in SAP Internet Transaction Server ITS 6.20 allows remote attackers to inject arbitrary web script or HTML via 1 a "" sequence in the service parameter to wgate.dll, or 2 Javascript splicing in the query string, a different vector than CVE-2006-5114...
Cross site scripting
Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2008-2030
Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2008-2030
Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross site scripting
Cross-site scripting XSS vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string...
Design/Logic Flaw
The File Check Utility fcheck.exe in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service CPU consumption or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability...
CVE-2008-1322
The File Check Utility fcheck.exe in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service CPU consumption or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...
CVE-2007-6704
Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...
CVE-2007-6704
Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...
flyspray -- multiple vulnerabilities
The Flyspray Project reports: Flyspray is affected by a Cross Site scripting Vulnerability due to an error escaping PHP's $SERVER'QUERYSTRING' superglobal, that can be maliciously used to inject arbitrary code into the savesearch javascript function. There is an XSS problem in the history tab, th...
CVE-2003-1543
Cross-site scripting XSS vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message...
CVE-2007-6696
Multiple cross-site scripting XSS vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via 1 an event description, 2 the query string to pref.php, and 3 the adv parameter to search.php. NOTE: vector 1 requires user authentication...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inject arbitrary web script or HTML via the query string to index.php in 1 user/ or 2 maint/...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via 1 an event description, 2 the query string to pref.php, and 3 the adv parameter to search.php. NOTE: vector 1 requires user authentication...
CVE-2008-0540
Multiple cross-site scripting XSS vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inject arbitrary web script or HTML via the query string to index.php in 1 user/ or 2 maint/...
Debian Security Advisory DSA 452-1 (libapache-mod-python)
The remote host is missing an update to libapache-mod-python announced via advisory DSA 452-1. OpenVAS Vulnerability Test $Id: deb4521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 452-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Code injection
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...
CVE-2007-6515
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...