Lucene search
K

3392 matches found

CVE
CVE
added 2006/05/16 10:0 a.m.46 views

CVE-2006-2420

CVE-2006-2420 affects Bugzilla 2.20rc1 through 2.20 and 2.21.1 when using RSS 1.0, enabling remote XSS via a title element containing HTML-encoded sequences (e.g., ">") that are decoded by some RSS readers. The issue is described as stemming from RSS design/documentation inconsistencies or RSS...

4.3CVSS5.6AI score0.01537EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/05/16 10:0 a.m.32 views

CVE-2006-2420

Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting XSS attacks via a title element with HTML encoded sequences such as "", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather...

5.6AI score0.01537EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2006/04/21 12:0 a.m.6 views

PT-2006-2940 · Joomla +1 · Joomla! +1

Name of the Vulnerable Software and Affected Versions: Mambo affected versions not specified Joomla! affected versions not specified Description: The issue allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message. This is...

5CVSS6.1AI score0.01496EPSS
Exploits1References5
securityvulns
securityvulns
added 2006/04/19 12:0 a.m.59 views

[KAPDA::#41] - Mambo/Joomla rss component vulnerability

KAPDA New advisory Mambo website : http://www.mamboserver.com Bug: Path Disclosure & Remote Denial Of Service Exploitation: Remote with browser Exploit: available Description: -------------------- Mambo is a feature-rich dynamic portal engine/content management tool capable of building sites from...

Exploits0
seebug.org
seebug.org
added 2006/04/11 12:0 a.m.125 views

Simplog <= 0.9.2 (s) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Simplog = 0.9.2 "s" remote cmmnds xctn\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by simplog"\r\n\r\n"; if $argc5 echo "Usage: php...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/03/08 12:0 a.m.20 views

RedBLoG 0.5 - cat_id SQL Injection

RedBLoG 0.5 - catid SQL Injection x128.net oo website : www.x128.net"; function xssexploit $xsstarget = $SERVER'argv'1 . "/modules/blog/rss.php"; $xsshttpget = "?catid=x128"; $xssconnection = curlinit;...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/08 12:0 a.m.39 views

RedBLoG 0.5 - 'cat_id' SQL Injection

x128.net oo website : www.x128.net"; function xssexploit $xsstarget = $SERVER'argv'1 . "/modules/blog/rss.php"; $xsshttpget = "?catid=x128"; $xssconnection = curlinit;...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/03/07 11:0 a.m.22 views

CVE-2006-1041

Multiple cross-site scripting XSS vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 rssquery parameter to search.php or 2 tag parameter to tags.php...

5.8AI score0.01342EPSS
Exploits0References7
NVD
NVD
added 2006/03/03 10:2 p.m.19 views

CVE-2006-0389

Cross-site scripting XSS vulnerability in Syndication Safari RSS in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds...

2.6CVSS6.1AI score0.02552EPSS
Exploits0References8
Prion
Prion
added 2006/03/03 10:2 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in Syndication Safari RSS in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds...

2.6CVSS6.5AI score0.02552EPSS
Exploits0References8Affected Software2
Cvelist
Cvelist
added 2006/03/03 10:0 p.m.24 views

CVE-2006-0389

Cross-site scripting XSS vulnerability in Syndication Safari RSS in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds...

6.1AI score0.02552EPSS
Exploits0References8
CVE
CVE
added 2006/03/03 10:0 p.m.61 views

CVE-2006-0389

CVE-2006-0389 describes a cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) on Mac OS X 10.4 through 10.4.5. The flaw allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds, in the context of the affected user’s browser. Affected pro...

2.6CVSS6.1AI score0.02552EPSS
Exploits0References8Affected Software2
securityvulns
securityvulns
added 2006/03/03 12:0 a.m.36 views

Gregarius 0.5.2 XSS and SQL Injection Vulnerabilities

http://gregarius.net/ Gregarius is a web-based RSS/RDF/ATOM feed aggregator, designed to run on your web server, allowing you to access your news sources from wherever you want. XSS in search.php: search.php?rssquery=scriptalert1/script&rssquerymatch=exact XSS in tags.php:...

Exploits0
Packet Storm
Packet Storm
added 2006/01/21 12:0 a.m.22 views

simpleBlogXSS.txt

Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Risk: High - Note from the author Simple Blog is a free weblog application intended for personal use. The latest version, 2.1, features xhtml/css template structure, rss feed, blog calendar and an easy to use...

7.4AI score
Exploits0
OSV
OSV
added 2006/01/17 12:0 a.m.27 views

DSA-944-1 mantis - several

Bulletin has no description...

7.5CVSS5.9AI score0.03742EPSS
Exploits9
UbuntuCve
UbuntuCve
added 2005/12/28 1:3 a.m.25 views

CVE-2005-4523

Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information...

5CVSS5.9AI score0.01819EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/12/28 1:0 a.m.25 views

CVE-2005-4523

Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information...

6.4AI score0.01819EPSS
Exploits1References7
CVE
CVE
added 2005/12/28 1:0 a.m.55 views

CVE-2005-4523

CVE-2005-4523 affects Mantis (MantisBT) 1.0.0rc3 and earlier. Root cause: private bugs are disclosed via public RSS feeds, enabling remote attackers to obtain sensitive information. Impact: information disclosure of private bugs. Mitigation: upgrade to fixed Mantis versions as referenced in Debia...

5CVSS6.5AI score0.01819EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2005/12/06 12:0 a.m.33 views

phpBB Blog 2.2.2 SQL inj. vuln.

phpBB Blog 2.2.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/phpbb-blog-222-sql-inj-vuln.html vendor:http://www.outshine.com/phpbbblog/ affected version:2.2.2 and prior Product Description: This is a blog system for phpBB. It...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2005/12/06 12:0 a.m.21 views

saralblog v1 SQL inj. vuln.

saralblog v1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/saralblog-v1-sql-inj-vuln.html vendor:http://www.saralblog.org/ affected version:v.1 and prior Product Description: saralblog is a very simple to use blog, which has some ve...

0.9AI score
Exploits0
Rows per page
Query Builder