CVE-2012-3398

CVE-2012-3398 describes an algorithmic complexity DoS in Moodle. The vulnerability affects Moodle releases: 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4. It arises when remote authenticated users use the advanced-search on a highly populated database, causi...

X3 CMS 0.4.3.1 Cross Site Scripting

Exploit Title: X3 CMS 0.4.3.1 Xss Vulnerability Date: 17.02.2012 Author: l20ot Software Link: http://www.x3cms.net/ Web Browser : Mozilla Firefox Blog : http://www.twitter.com/l20ot ------------------------------------------------------ X3Cms is a simple and powerful content manager system...

CVE-2011-4142

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files...

Unfixed XSS vulnerability at www.geny.com

Security researcher miss4pple, has submitted on 20/12/2011 a cross-site-scripting XSS vulnerability affecting www.geny.com, which at the time of submission ranked 12781 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently...

CVE-2010-4973

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-4973

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-4973

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-4973

The CVE-2010-4973 entry describes a Cross-site scripting (XSS) vulnerability in Campsite 3.4.0, specifically in the search feature where an attacker can inject arbitrary script or HTML through the f_search_keywords parameter. The affected component is Campsite 3.4.0, and the flaw is related to th...

CVE-2010-4913

The OpenVAS entry confirms that ColdGen ColdUserGroup is prone to both Cross-Site Scripting (XSS) and SQL Injection vulnerabilities. The CVE-2010-4913 entry describes an XSS flaw in the search feature of ColdGen ColdUserGroup 1.06, exploitable via the Keywords parameter to inject arbitrary script...

XSS Vulnerability in Facebook Translations !

Summary The Facebook Translations tool's search feature was vulnerable to a simple reflected XSS attack. How did it work? The Translations tool allows users to perform phrase searches within translations. In this case, when a search query returned 0 results, the script displayed a message "Your...

Unfixed XSS vulnerability at www.iutah.tv

Security researcher bho, has submitted on 13/07/2010 a cross-site-scripting XSS vulnerability affecting www.iutah.tv, which at the time of submission ranked 1880088 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...

CVE-2010-2672

Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 SectionID and 2 SearchTimestamp parameters to the search feature and the 3 SearchContentClassAttributeID parameter to the advancedsearch feature...

CVE-2009-2930

Cross-site scripting XSS vulnerability in the Search feature in elka CMS aka Elkapax allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI...

CVE-2009-2021

SQL injection vulnerability in search.php in Virtue Classifieds allows remote attackers to execute arbitrary SQL commands via the category parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

CVE-2008-6600

Cross-site scripting XSS vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

Unfixed XSS vulnerability at www.agid.org.tr

Security researcher Kacak, has submitted on 02/11/2009 a cross-site-scripting XSS vulnerability affecting www.agid.org.tr, which at the time of submission ranked 6661455 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/07/2010. It is currentl...

CVE-2008-3316

Cross-site scripting XSS vulnerability in the search feature in the Forum plugin before 2.7.1 for Geeklog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to 1 publichtml/index.php, 2 config.php, and 3 functions.inc...

Unfixed XSS vulnerability at www.bamzu.com

Security researcher fallingmidget, has submitted on 25/07/2008 a cross-site-scripting XSS vulnerability affecting www.bamzu.com, which at the time of submission ranked 267332 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 26/07/2008. It is...