6236 matches found
Unfixed XSS vulnerability at ssl.omnihotels.com
Security researcher C1c4Tr1Z, has submitted on 29/04/2008 a cross-site-scripting XSS vulnerability affecting ssl.omnihotels.com, which at the time of submission ranked 46251 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/04/2008. It is...
Unfixed XSS vulnerability at webmail.primary.net
Security researcher Uber0n, has submitted on 28/04/2008 a cross-site-scripting XSS vulnerability affecting webmail.primary.net, which at the time of submission ranked 602088 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/06/2008. It is...
miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting Vulnerability
miniBB 2.2 'bbadmin.php' Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28957/info miniBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue ...
Unfixed XSS vulnerability at www.ypamerica.com
Security researcher cueballr, has submitted on 19/04/2008 a cross-site-scripting XSS vulnerability affecting www.ypamerica.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/04/2008. It is currently...
EsContacts 1.0 - groupes.php?msg Cross-Site Scripting
EsContacts 1.0 - groupes.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary scrip...
EsContacts 1.0 - login.php?msg Cross-Site Scripting
EsContacts 1.0 - login.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script...
Unfixed XSS vulnerability at www.radyoruzgar.com
Security researcher TraCK10ya, has submitted on 17/04/2008 a cross-site-scripting XSS vulnerability affecting www.radyoruzgar.com, which at the time of submission ranked 102523 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/04/2008. It is...
Unfixed XSS vulnerability at www.gulf-daily-news.com
Security researcher cueballr, has submitted on 17/04/2008 a cross-site-scripting XSS vulnerability affecting www.gulf-daily-news.com, which at the time of submission ranked 39705 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/04/2008. It is...
Unfixed XSS vulnerability at www.cairn.info
Security researcher death-angel, has submitted on 04/10/2008 a cross-site-scripting XSS vulnerability affecting www.cairn.info, which at the time of submission ranked 40704 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2008. It is...
Unfixed XSS vulnerability at www.tias.com
Security researcher tenest, has submitted on 04/09/2008 a cross-site-scripting XSS vulnerability affecting www.tias.com, which at the time of submission ranked 21908 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/09/2008. It is currently...
JVN#76669770 PerlMailer cross-site scripting vulnerability
PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in PerlMailer. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...
CVE-2008-1502
The badprotocolonce function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting XSS attacks via a string containing crafted URL protocols...
Unfixed XSS vulnerability at www.osp.ru
Security researcher CCC, has submitted on 22/03/2008 a cross-site-scripting XSS vulnerability affecting www.osp.ru, which at the time of submission ranked 41890 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/04/2008. It is currently unfixed...
Unfixed XSS vulnerability at www.escstone.com
Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting www.escstone.com, which at the time of submission ranked 14957352 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/09/2008. It is...
CVE-2008-0826
Cross-site scripting XSS vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Mambo MOStlyCE Mambot Arbitrary File Rename
The remote host is running MOStlyContent Editor MOStlyCE, the default WYSIWYG editor for Mambo. The version of MOStlyCE installed on the remote host contains a design flaw that may allow an attacker to rename files subject to the privileges of the web server user id. An unauthenticated attacker m...
CVE-2008-0455
Cross-site scripting XSS vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by...
Unfixed XSS vulnerability at www.naa.org
Security researcher holisticinfosec, has submitted on 18/01/2008 a cross-site-scripting XSS vulnerability affecting www.naa.org, which at the time of submission ranked 169593 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/03/2008. It is...
Debian Security Advisory DSA 125-1 (analog)
The remote host is missing an update to analog announced via advisory DSA 125-1. OpenVAS Vulnerability Test $Id: deb1251.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 125-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Unfixed XSS vulnerability at www.rotary9640.org
Security researcher Camilo-TcK, has submitted on 01/10/2008 a cross-site-scripting XSS vulnerability affecting www.rotary9640.org, which at the time of submission ranked 9787259 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is...