Mobile Mp3 Search Script 2.0 - dl.php HTTP Response Splitting

Mobile Mp3 Search Script 2.0 - dl.php HTTP Response Splitting source: https://www.securityfocus.com/bid/52136/info Mobile Mp3 Search Script is prone to an HTTP-response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to...

Mobile Mp3 Search Script 2.0 - 'dl.php' HTTP Response Splitting

source: https://www.securityfocus.com/bid/52136/info Mobile Mp3 Search Script is prone to an HTTP-response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or...

WSN Links SQL injection vulnerability-vulnerability warning-the black bar safety net

WSN Links is an advanced PHP-based/MySQL search script, WSN Links 6.0.1, 5.1.51;, 5.0.81 version of the search. php file existsSQL injectionvulnerabilities that could lead to sensitive information disclosure. +info: 'WSN Links' SQL Injection Vulnerability CVE-2 0 1 0-4 0 0 6 Mark Stanislav -...

CVE-2008-6683

Cross-site scripting XSS vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter...

CVE-2008-6684

Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in MemberAdmin/logo/...

CVE-2008-6683

Cross-site scripting XSS vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter...

CVE-2008-6684

CVE-2008-6684 describes an unrestricted file upload vulnerability in editimage.php of the Apartment Search Script. An attacker can upload a file with an executable extension bearing a GIF header and then access the renamed file via a direct request to Elephant/Member_Admin/logo/ to execute arbitr...

CVE-2008-6683

CVE-2008-6683 is an XSS in the Apartment Search Script (listtest.php) that allows remote attackers to inject arbitrary web script or HTML via the r parameter. Affected component: listtest.php; root cause: insufficient input sanitization on the r parameter enabling script execution in the victim’s...

CVE-2009-0931

Cross-site scripting XSS vulnerability in the tag cloud search script horde/services/portal/cloudsearch.php in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Oracle Application Server Portal 10g Cross Site Scripting Vulnerability

OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This could b...

apartment-rfuxss.txt

Apartment Search Script Multiple Remote Vuln. Remote File Upload & XSS ---------------------------------------------------------- Discovered By: ZoRLu Date: 02.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : dork:...

Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities

No description provided by source. Apartment Search Script Multiple Remote Vuln. Remote File Upload & XSS ---------------------------------------------------------- Discovered By: ZoRLu Date: 02.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI...

Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= Apartment Search Script RFU/XSS Multiple Remote Vulnerabilities ================================================================= Apartment Search Script Multiple Remote Vul...

Open redirect

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

CVE-2008-2951

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

PYSEC-2008-4

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

DEBIAN-CVE-2008-2951

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

CVE-2008-2951

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

PYSEC-2008-4

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

CVE-2008-2951

CVE-2008-2951 affects Trac before 0.10.5, where the search script’s q parameter enables an open redirect to arbitrary sites, potentially enabling phishing. The GHSA and OSV entries describe this as a Trac open redirect vulnerability. Exploitation would involve remote actors enticing a user to fol...