PHPLib Team PHPLIB 7.2 - Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility...

ImgSvr 0.6.21 Error Message Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27033/info ImgSvr is prone to a remote script-execution vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...

UBUNTU-CVE-2014-0532

Cross-site scripting XSS vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to...

Privilege escalation

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-2777...

Debian DSA-2578-1 : rssh - insufficient filtering of rsync command line

James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp, sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution. Two CVE were assigned : -...

MODX Evolution 1.0.5 (and prior) Remote Script Execution Vulnerability

Product: MODX Evolution Risk: Very High Severity: Critical Versions: 1.0.5 and all previous releases Vunerability type: Remote Script Execution Report Date: 2012-Feb-16 Fixed Date: 2012-Feb-20 Description A vigilant community member sent us a security notice to let us know that he found a securit...

Skype 0day detailed analysis-vulnerability warning-the black bar safety net

Recently, we heard about the Skype 0day related news, on the Mac OS in the remote script execution vulnerability. In fact, we in the 2 months before long discovered this vulnerability. Due to the test reason we did not promptly report to the Supplier, because we are still in testing this...

WordPress Plugin Spellchecker 3.1 - general.php LocalRemote File Inclusion

WordPress Plugin Spellchecker 3.1 - general.php LocalRemote File Inclusion source: https://www.securityfocus.com/bid/47317/info The Spellchecker plugin for WordPress is prone to a local file-include vulnerability and a remote file-include vulnerability because the application fails to sufficientl...

Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function

Overview The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected browser. Solution Please refer to the 'Vendor Information' section for the official...

Xss Discuz! version 5.0.0 RC1

No description provided by source. Xss Discuz! version 5.0.0 RC1 Author: SpiderZ Sito: http://www.spiderz.altervista.org Sito2: https://www.spiderz.netsons.org Download Board : http://www.discuz.com File: usearch.html ?site=www.discuz.net&kw= Message Script:...

PT-2009-4182 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0 iPhone OS versions 1.0 through 2.2.1 iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via vecto...

Groupmax Workflow - Development Kit for Active Server Pages Cross-Site Scripting Vulnerability

Overview Groupmax Workflow - Development Kit for Active Server Pages contains a cross-site scripting vulnerability. Impact A remote attacker could have the users execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropria...

Groupmax World Wide Web Desktop/BUNSHOKANRI(=DocumentManagement) Cross-Site Scripting Vulnerability

Overview A cross-site scripting vulnerability has been found in the Groupmax World Wide Web Desktop/BUNSHOKANRI =DocumentManagement. Impact A remote attacker could execute malicious scripts. Solution Please refer to the 'Vendor Information' section for official countermesure and take appropriate...

Hitachi Groupmax Collaboration Products Cross-Site Scripting Vulnerability

Overview A cross-site scripting vulnerability has been found in the Hitachi Groupmax Collaboration products. Impact A remote attacker could execute arbitrary scripts. Solution Please refer to the 'Vendor Information' section for official countermesure and take appropriate action...

bea-xss.txt

+============================================================================================+ + Oracle Corporation BEA WebLogic Portal & high XSS Vulnerabilities + +============================================================================================+ Authors: Ivan Sanchez Producto:...

Meneame cross-site scripting vulnerability

Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...

Namazu cross-site scripting vulnerability

Overview Namazu, Japanese full-text search engine, contains a cross-site scripting vulnerability. Namazu, Japanese full-text search engine does not specify charset in the ContentType header that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact An...

Trac cross-site scripting vulnerability

Overview Trac is a project management tool from Edgewall Software. InterAct Corp. provides a localized version of Trac in Japan. Trac wiki engine contains a cross-site scripting vulnerability which affects Microsoft Internet Explorer. Impact A remote attacker could possibly execute an arbitrary...

mod_imap cross-site scripting vulnerability

Overview The "modimap" and "modimagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing. modimap and modimagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle...

w3m Cross-Site Scripting Vulnerability

Overview w3m contains a cross-site scripting vulnerability due to insufficient sanitization of HTML tags in the frame. Impact An remote attacker could execute arbitrary scripts and gain access to files or cookies. Solution Please refer to the 'Vendor Information' section for official remediation...