6236 matches found
WordPress Social Connect Plugin <= 1.0.4 XSS Vulnerability - Active Check
WordPress Social Connect Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-4537
CVE-2014-4537 affects WordPress Keyword Strategy Internal Links Plugin (
Microsoft Outlook 98/2000/2002 Unauthorized Email Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3025/info Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email. The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is...
DevBB 1.0 Member.PHP Cross-Site Scripting Vulnerability
No description provided by source...
GNU MyProxy 20030629 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9846/info It has been reported that GNU MyProxy may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...
CoolPHP Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18124/info CoolPHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
2z Project 0.9.5 Rating.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24122/info 2z Project is prone to a cross-site scripting vulnerability. Exploiting this vulnerability could allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected...
MyShoutPro 1.2 Final - Cross Site Scripting Vulnerability
No description provided by source. ======================================================================================== | Title : MyShoutPro v1.2 Final Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi ...
Microsoft Internet Explorer 5 Shell: IFrame Cross-Zone Scripting Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Computer Zone. This issue is related to ho...
Uapplication Ublog Reload 1.0.5 Trackback.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
NixieAffiliate 1.9 Lostpassword.PHP Cross-Site Scripting Vulnerability
No description provided by source...
XGB Guestbook 1.2 User-Embedded Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4513/info xGB is guestbook software. It is written in PHP and will run on most Unix and Linux variants as well as Microsoft Windows operating systems. xGB allows users to post images in guestbook entries by using special...
Dev Web Manager System 1.5 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20590/info DEV Web Manager System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute i...
Slackware Linux /usr/bin/ppp-off Insecure /tmp Call Exploit
No description provided by source. !/bin/sh In SlackWare Linux the script /usr/bin/ppp-off writes the output of 'ps x' to /tmp/grep.tmp. Since root is the user that runs ppp-off, a non-privileged user could create a link from /tmp/grep.tmp to any fileie: /etc/issue, thus when root runs the ppp-of...
MF Piadas 1.0 Admin.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18676/info MF Piadas is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of ...
Advantech WebAccess Stored Cross-Site Scripting
Binary data scadaadvantechwebaccess7120130529.nbin...
IBM WebSphere Portal Themes Unspecified XSS (PM90118)
The version of WebSphere Portal on the remote host is affected by a cross-site scripting vulnerability. An attacker could execute arbitrary code in a user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2012-6447
Concretely, CVE-2012-6447 affects Splunk Web in Splunk 5.0.0–5.0.2, where a cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary script/HTML via unspecified vectors. The issue is mitigated by upgrading to a fixed release (e.g., Splunk 5.0.3 or later) as indicated b...
XAMPP 3.2.1跨站脚本漏洞
No description provided by source. Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian...
Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure
source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...