gallery-xss.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com -d3hydr8 - sinner01 - baltazar - P47r1ck - C1c4Tr1Z - beenu -rsauron - letsgorun - K1u - DON - OutLawz - MAGE -JeTFyrE Author: r45c4l...

Unfixed XSS vulnerability at www.cinezik.org

Security researcher PHPLizardo, has submitted on 16/08/2008 a cross-site-scripting XSS vulnerability affecting www.cinezik.org, which at the time of submission ranked 233663 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/07/2009. It is...

rmsoftminishop-xss.txt

RMSOFT MiniShop module multiple variable XSS Vendor url:http://redmexico.com.mx Advisore:http://lostmon.blogspot.com/2008/08 /rmsoft-minishop-module-multiple.html Vendor notify:no exploit available:yes RMSOFT MiniShop is a E-commerce php/Mysql script module for multiple CMS Systems like...

Unfixed XSS vulnerability at mazuke.com

Security researcher SaMTHG, has submitted on 08/11/2008 a cross-site-scripting XSS vulnerability affecting mazuke.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is currently unfixed...

CVE-2008-3565

Multiple cross-site scripting XSS vulnerabilities in Meeting Room Booking System MRBS 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to 1 day.php, 2 week.php, 3 month.php, 4 search.php, 5 report.php, and 6 help.php. NOTE: the provenance of this...

MyBB search.php文件跨站脚本执行漏洞

BUGTRAQ ID: 30401 CVECAN ID: CVE-2008-3334 MyBB是一款流行的Web论坛程序。 MyBB的search.php文件没有正确地验证某些参数便返回给了用户，远程攻击者可以通过向论坛提交恶意请求执行脚本注入或跨站脚本攻击。 MyBB 1.2.x MyBB ---- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.mybboard.net/download/latest...

Cross site scripting

Cross-site scripting XSS vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving search.php...

CVE-2008-3334

Cross-site scripting XSS vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving search.php...

CVE-2008-3334

Summary (CVE-2008-3334) : A cross‑site scripting (XSS) vulnerability exists in MyBB 1.2.x prior to 1.2.14 . The issue arises from insufficient input validation in certain parameters handled by the search path (likely including search.php), allowing remote attackers to inject arbitrary script/HTML...

CVE-2008-3334

Cross-site scripting XSS vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving search.php...

Unfixed XSS vulnerability at www.rue-des-puzzles.com

Security researcher Sheiry, has submitted on 26/07/2008 a cross-site-scripting XSS vulnerability affecting www.rue-des-puzzles.com, which at the time of submission ranked 266850 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/09/2008. It is...

Unfixed XSS vulnerability at www.cmclb.com

Security researcher LeBaNeSe-XsSeR, has submitted on 17/07/2008 a cross-site-scripting XSS vulnerability affecting www.cmclb.com, which at the time of submission ranked 4922562 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/07/2008. It is...

Directory traversal

Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. dot dot in the t parameter...

CVE-2008-3128

Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. dot dot in the t parameter...

CVE-2008-3128

Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. dot dot in the t parameter...

Unfixed XSS vulnerability at www.unidir.ch

Security researcher Tec-n0x, has submitted on 07/05/2008 a cross-site-scripting XSS vulnerability affecting www.unidir.ch, which at the time of submission ranked 1825542 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/06/2008. It is currentl...

Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit

No description provided by source. ?php / Pivot 1.40.5 'Dreamwind' loadtemplate credentials disclosure exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.pivotlog.net/ Google dork: "by Pivot - 1.40.5" +'Dreadwind' -pivotlog.net...

Pivot 1.40.5 - Dreamwind load_template() Credentials Disclosure

Pivot 1.40.5 - Dreamwind loadtemplate Credentials Disclosure ?php / Pivot 1.40.5 'Dreamwind' loadtemplate credentials disclosure exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.pivotlog.net/ Google dork: "by Pivot - 1.40.5" +'Dreadwind'...

Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit

Exploit for unknown platform in category web applications ===================================================================== Pivot 1.40.5 Dreamwind loadtemplate Credentials Disclosure Exploit ===================================================================== ?php / Pivot 1.40.5 'Dreamwind'...

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...