Unfixed XSS vulnerability at www.gulf-daily-news.com
Security researcher cueballr submitted on 17/04/2008 a cross-site scripting (XSS) vulnerability affecting www.gulf-daily-news.com, which at the time of submission ranked 39705 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/04/2008. It is...
Unfixed XSS vulnerability at www.radyoruzgar.com
Security researcher TraCK10ya submitted on 17/04/2008 a cross-site scripting (XSS) vulnerability affecting www.radyoruzgar.com, which at the time of submission ranked 102523 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/04/2008. It is...
EsContacts 1.0 - groupes.php?msg Cross-Site Scripting
Source: https://www.securityfocus.com/bid/28825/info. EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary scrip...
EsContacts 1.0 - login.php?msg Cross-Site Scripting
Source: https://www.securityfocus.com/bid/28825/info. EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script...
Unfixed XSS vulnerability at www.cairn.info
Security researcher death-angel submitted on 04/10/2008 a cross-site scripting (XSS) vulnerability affecting www.cairn.info, which at the time of submission ranked 40704 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2008. It is...
Unfixed XSS vulnerability at www.tias.com
Security researcher tenest submitted on 04/09/2008 a cross-site scripting (XSS) vulnerability affecting www.tias.com, which at the time of submission ranked 21908 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/09/2008. It is currently...
JVN#76669770 PerlMailer cross-site scripting vulnerability
PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerability exists in PerlMailer. Impact: An arbitrary script may be executed on the user's web browser. Solution: Update the software. Update to the latest...
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols...
Unfixed XSS vulnerability at www.osp.ru
Security researcher CCC submitted on 22/03/2008 a cross-site scripting (XSS) vulnerability affecting www.osp.ru, which at the time of submission ranked 41890 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/04/2008. It is currently unfixed...
Unfixed XSS vulnerability at www.escstone.com
Security researcher SaMTHG submitted on 03/09/2008 a cross-site scripting (XSS) vulnerability affecting www.escstone.com, which at the time of submission ranked 14957352 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/09/2008. It is...
CVE-2008-0826
Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Mambo MOStlyCE Mambot Arbitrary File Rename
The remote host is running MOStlyContent Editor (MOStlyCE), the default WYSIWYG editor for Mambo. The version of MOStlyCE installed on the remote host contains a design flaw that may allow an attacker to rename files subject to the privileges of the web server user id. An unauthenticated attacker m...
CVE-2008-0455
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by...
Unfixed XSS vulnerability at www.naa.org
Security researcher holisticinfosec submitted on 18/01/2008 a cross-site scripting (XSS) vulnerability affecting www.naa.org, which at the time of submission ranked 169593 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/03/2008. It is...
Debian Security Advisory DSA 125-1 (analog)
The remote host is missing an update to analog announced via advisory DSA 125-1. OpenVAS Vulnerability Test $Id: deb1251.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 125-1. Authors: Thomas Reinke. Copyright: Copyright (c) 2007 E-Soft Inc...
Unfixed XSS vulnerability at www.rotary9640.org
Security researcher Camilo-TcK submitted on 01/10/2008 a cross-site scripting (XSS) vulnerability affecting www.rotary9640.org, which at the time of submission ranked 9787259 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is...
Unfixed XSS vulnerability at www.winchesterguns.com
Security researcher skathgh420 submitted on 01/08/2008 a cross-site scripting (XSS) vulnerability affecting www.winchesterguns.com, which at the time of submission ranked 197648 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/08/2008. It ...
Unfixed XSS vulnerability at www.canuckster.com
Security researcher Uber0n submitted on 01/07/2008 a cross-site scripting (XSS) vulnerability affecting www.canuckster.com, which at the time of submission ranked 519412 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2008. It is...
Unfixed XSS vulnerability at www.cad-media.com
Security researcher Mutant submitted on 01/03/2008 a cross-site scripting (XSS) vulnerability affecting www.cad-media.com, which at the time of submission ranked 133488 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2008. It is...
aolygp-overflows.txt
The AOL YGP Picture Editor ControlAIM PicEditor Control version 9.5.1.8 suffers from multiple exploitable buffer overflows in various properties. This object is marked safe for scripting. I have not tested other versions. PoC as follows: ---------------- function Check var s = 'A'; while s.length...