476 matches found
liberoit-xss.txt
The Italian ISP Libero.it not check the HTTP POST Parameter "pQuery" on search query and displays the content of this variable without modification within the html form area. Security problems on Libero's 155.it allows attackers to conduct XSS attacks for the following URL:...
Unfixed XSS vulnerability at www.shopsex.cz
Security researcher CrypTIc, has submitted on 26/07/2007 a cross-site-scripting XSS vulnerability affecting www.shopsex.cz, which at the time of submission ranked 2908705 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/08/2007. It is current...
CVE-2007-3484
Cross-site scripting XSS vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed by the Google Security Team, who states that "Google does not provide the 'search.php' script...
PT-2007-4745 · Google · Google Custom Search Engine
Name of the Vulnerable Software and Affected Versions: Google Custom Search Engine affected versions not specified Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the q parameter in the search functionality. This issue is disputed b...
Unfixed XSS vulnerability at www.nfpa.org
Security researcher CoNqUeRoR, has submitted on 06/07/2007 a cross-site-scripting XSS vulnerability affecting www.nfpa.org, which at the time of submission ranked 108056 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2007. It is currentl...
Unfixed XSS vulnerability at caricatura.ru
Security researcher zuppergazi, has submitted on 06/03/2007 a cross-site-scripting XSS vulnerability affecting caricatura.ru, which at the time of submission ranked 54809 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2007. It is current...
CVE-2007-2321
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors...
Code injection
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors...
CVE-2007-2321
Technical details for CVE-2007-2321 are not publicly available in the provided connected documents; no affected product/version/root-cause/fix information is present. Monitor for updates.
Unfixed XSS vulnerability at www.tripple.net
Security researcher Uber0n, has submitted on 04/12/2007 a cross-site-scripting XSS vulnerability affecting www.tripple.net, which at the time of submission ranked 38044 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/12/2007. It is currently...
Unfixed XSS vulnerability at www.fulltorrent.net
Security researcher MaXWeL, has submitted on 04/03/2007 a cross-site-scripting XSS vulnerability affecting www.fulltorrent.net, which at the time of submission ranked 45821 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2007. It is...
Unfixed XSS vulnerability at www.newasp.net
Security researcher cyber, has submitted on 31/03/2007 a cross-site-scripting XSS vulnerability affecting www.newasp.net, which at the time of submission ranked 13481 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 31/03/2007. It is currently...
Unfixed XSS vulnerability at www.cstiger.de
Security researcher zuppergazi, has submitted on 17/03/2007 a cross-site-scripting XSS vulnerability affecting www.cstiger.de, which at the time of submission ranked 1106260 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/03/2007. It is...
CVE-2007-0925
Cross-site scripting XSS vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter...
Unfixed XSS vulnerability at www.barhan.cn
Security researcher CoNqUeRoR, has submitted on 02/07/2007 a cross-site-scripting XSS vulnerability affecting www.barhan.cn, which at the time of submission ranked 1992683 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/07/2007. It is...
CVE-2006-6196
Cross-site scripting XSS vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field txtsearchtext parameter...
CVE-2006-6196
CVE-2006-6196 describes a cross-site scripting (XSS) vulnerability in the search functionality of the Fixit iDMS Pro Image Gallery. The issue allows remote attackers to inject arbitrary web script or HTML via the search field (txtsearchtext parameter). The NVD entry lists a CVSSv2 base score of 6...
CVE-2006-6196
Cross-site scripting XSS vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field txtsearchtext parameter...
CVE-2006-5430
CVE-2006-5430 is an XSS vulnerability affecting db-central (dbc) Enterprise CMS and db-central CMS, exploitable through the search needle parameter. The core issue is a reflected/script injection in the search functionality, enabling remote attackers to inject arbitrary script/HTML. The CVSS v2 v...
CVE-2006-5168
Cross-site scripting XSS vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string...