6237 matches found
SA-CONTRIB-2010-010 - Author Contact - Cross site scripting
The Author Contact module provides a form to contact the author of the current post. The module does not properly sanitize parts of the provided block, leading to a cross-site scripting (XSS) vulnerability. Such an attack may lead to a malicious user gaining full administrative access. A user must...
imageVue Gallery r16 XSS Vulnerability
No description provided by source. Title: imageVue Gallery Cross Site Scripting Vulnerability | Author: indoushka | email: [email protected] | Home: Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
WHOISCART Scripting Vulnerability
Exploit for unknown platform in category web applications. WHOISCART Scripting Vulnerability. HOME : http://whoiscart.net Dork : "inurl:whoiscart/admin/hostinginterfaces/" Exploit :...
MyShoutPro 1.2 Final - Cross-Site Scripting
MyShoutPro 1.2 Final - Cross-Site Scripting. Title: MyShoutPro v1.2 Final Cross Site Scripting Vulnerability | Author: indoushka | email: [email protected] | Home: Souk Naamane - 04325 - Oum El...
Unfixed XSS vulnerability at www.ags.uci.edu
Security researcher 444Team submitted on 11/02/2009 a cross-site scripting (XSS) vulnerability affecting www.ags.uci.edu, which at the time of submission ranked 6330 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/07/2009. It is currently...
CVE-2009-3647
CVE-2009-3647 describes a cross-site scripting (XSS) vulnerability in the YABSoft Mega File Hosting Script (MFH/MFHS) 1.2, where an attacker can inject arbitrary web script or HTML via the moudi parameter in emaullinks.php. The evidence in connected sources confirms the affected component and the...
SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 6312)
This update of WebSphere fixes the following vulnerabilities : - GERONIMO-3838: close potential denial of service attack - fix Apache Geronimo web administration console directory traversal vulnerabilities. CVE-2008-5518 - fix Apache Geronimo web administration console XSS vulnerabilities...
Buildbot 'waterfall.py' Cross-Site Scripting Vulnerability
This host is installed with Buildbot and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbbuildbotwaterfallxssvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Buildbot 'waterfall.py' Cross-Site Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009...
Unfixed XSS vulnerability at www.stadt-trebbin.de
Security researcher Ehl-i Beyt submitted on 09/05/2009 a cross-site scripting (XSS) vulnerability affecting www.stadt-trebbin.de, which at the time of submission ranked 9650746 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011. It i...
CVE-2008-6927
The CVE-2008-6927 entry describes multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php of the Fantastico De Luxe Module for cPanel. An attacker can inject arbitrary web script or HTML through the parameters (localapp, updatedir, scriptpath_show, domain_show,...
Unfixed XSS vulnerability at la-femme.net
Security researcher Viper.aT submitted on 07/01/2009 a cross-site scripting (XSS) vulnerability affecting la-femme.net, which at the time of submission ranked 368316 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currently...
Sun Java System Web Proxy Server Vulnerabilities (Windows)
This host has Sun Java Web Server running on Linux, which is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservxssvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ Sun Java System Web Server XSS Vulnerability Linux Authors: Sharath S Copyright: Copyright ...
CVE-2004-2763
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting...
Unfixed XSS vulnerability at www.aetna.com
Security researcher mckt submitted on 29/05/2009 a cross-site scripting (XSS) vulnerability affecting www.aetna.com, which at the time of submission ranked 5946 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/02/2012. It is currently...
Unfixed XSS vulnerability at camwithher.com
Security researcher DDXhunter submitted on 28/05/2009 a cross-site scripting (XSS) vulnerability affecting camwithher.com, which at the time of submission ranked 33275 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/07/2010. It is current...
Cross site scripting
Cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Unfixed XSS vulnerability at artlibre.org
Security researcher warvector submitted on 05/07/2009 a cross-site scripting (XSS) vulnerability affecting artlibre.org, which at the time of submission ranked 1298787 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2011. It is current...
Woodstock 4.2 404 - Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/34829/info Woodstock is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability
Microsoft ISA (Internet Security and Acceleration) Server and Forefront Threat Management Gateway (TMG) are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...
Turnkey eBook Store <= 1.1 XSS Vulnerability - Active Check
Turnkey eBook Store is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...