476 matches found
CVE-2013-3759
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Search Functionality...
WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/61116/info miniBB is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Successful exploits could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data...
InstantCMS 1.6 Code Execution
NoTrayIcon Region ; Directives created by AutoIt3WrapperGUI AutoIt3WrapperOutfile=exploit.exe AutoIt3WrapperUseUpx=n AutoIt3WrapperChange2CUI=y EndRegion ; Directives created by AutoIt3WrapperGUI include include cs Demo vid: http://youtu.be/jRIPh-nYpY Print Screen:...
Penske Media Corporation Cross Site Scripting
---------------------------------------------------------------------------------------------------- Title : Penske Media Corporation reflected Cross Site Scripting XSS vulnerabilities Vendor : Penske Media Corporation http://www.pmc.com/ Description : Multiple PMC web-sites are vulnerable to...
CVE-2011-5198
SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information...
AdaptCMS 2.0.2 Cross Site Scripting
=================================================== AdaptCMS v2.0.2 XSS/HTML Injection Vulnerability =================================================== Vendor: http://garr.dl.sourceforge.net/project/adaptcms/AdaptCMS%202.x/2.0.x/AdaptCMS2.0.2.zip Date: 2012-06-06 Author : indoushka Tested on :...
Yuku Forums Cross Site Scripting
Exploit Title: Yuku Forums Cross Site Scripting Date: 24.01.2012 Author: Sony Software Link: http://www.yuku.com/ Google Dorks: inurl:.yuku.com intext:forum Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/01/yuku-forums-cross-site-scripting.htm...
Unfixed XSS vulnerability at www.archifind.co.il
Security researcher Codeshift3r, has submitted on 17/12/2011 a cross-site-scripting XSS vulnerability affecting www.archifind.co.il, which at the time of submission ranked 1874444 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It i...
CVE-2010-5035
Cross-site scripting XSS vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter aka the search field. NOTE: some of these details are obtained from third party information...
Searching within restricted pages/spaces
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-22074. panel This is the issue reference:...
Unfixed XSS vulnerability at www.southsoundchristian.org
Security researcher P0W3RFU7, has submitted on 14/03/2011 a cross-site-scripting XSS vulnerability affecting www.southsoundchristian.org, which at the time of submission ranked 3792048 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011...
Unfixed XSS vulnerability at www.softline.am
Security researcher Sony, has submitted on 19/02/2011 a cross-site-scripting XSS vulnerability affecting www.softline.am, which at the time of submission ranked 6968697 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...
Unfixed XSS vulnerability at www.hnn.co.il
Security researcher IsraeliBugsReportProject, has submitted on 10/08/2010 a cross-site-scripting XSS vulnerability affecting www.hnn.co.il, which at the time of submission ranked 400926 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/11/2011...
Unfixed XSS vulnerability at www.ledevoir.com
Security researcher h3xStream, has submitted on 09/07/2010 a cross-site-scripting XSS vulnerability affecting www.ledevoir.com, which at the time of submission ranked 54455 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2010. It is...
Unfixed XSS vulnerability at www.corning-observer.com
Security researcher Devek, has submitted on 27/07/2010 a cross-site-scripting XSS vulnerability affecting www.corning-observer.com, which at the time of submission ranked 2410763 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 15/12/2011. It is...
Abzarak Cross Site Scripting
Abzarak XSS Vulnerability Author:Mohammad Javanbakht Email:secanaratgmail.com blog:secanar.blogspot.com Exploit: site/?s= html code-Decode ACSII to Hex Vulnerable code: Search Demo: http://www.abzarak.com/?s=%3Cinput+value%3D%22XSS%22%3E%3C%2Finput%3E END...
Gekko CMS (SQL Injection) Vulnerability
No description provided by source. 2-SQL injection Vulnerability Description: SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for strin...
CVE-2010-0132
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
Cross site scripting
Cross-site scripting XSS vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "searchre input," a different vulnerability than CVE-2010-073...
CVE-2009-4736
Cross-site scripting XSS vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...