2152 matches found
Moderate: Red Hat Security Advisory: : Updated KDE packages fix security issues
Updated KDE packages that resolve a local security issue with KDM PAM support and weak session cookie generation are now available. KDE is a graphical desktop environment for the X Window System. KDE between versions 2.2.0 and 3.1.3 inclusive contain a bug in the KDE Display Manager KDM when...
Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting
Maxwebportal 1.30 - search.asp?Search Cross-Site Scripting source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site...
Maxwebportal 1.30 - Remote Database Disclosure
source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An attacker may execute arbitrary scri...
Maxwebportal 1.30 - 'search.asp?Search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An attacker may execute arbitrary scri...
Multiple webmin bugs
Crossite scripting, session cookie hijacking...
HTTP login page
This script logs onto a web server through a login page and stores the authentication / session cookie. C Tenable Network Security, Inc. @PREFERENCES@ include"compat.inc"; ifdescription scriptid11149; scriptversion"1.37"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29";...
YaBB 1.401.41 - Login Cross-Site Scripting
YaBB 1.401.41 - Login Cross-Site Scripting source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login...
CSS on Microsoft Content Management Server
Hi, while doing a pen-test I found what seems a Cross Site Scriptting on Microsoft Content Management Server. On M$ words: "Microsoft® Content Management Server 2001 MSCMS is an enterprise Web content management system that enables companies to build, deploy, and maintain Internet, intranet, and...
Citrix Nfuse 1.6 - Published Applications Information Leak
Citrix Nfuse 1.6 - Published Applications Information Leak source: https://www.securityfocus.com/bid/3926/info Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed...
Citrix Nfuse 1.6 - Published Applications Information Leak
source: https://www.securityfocus.com/bid/3926/info Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver. If a request for 'applist.asp' is submitted...
CVE-2001-0857
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter...
XFree86 X11R6 3.3 XDM - Session Cookie Guessing
// source: https://www.securityfocus.com/bid/2985/info xdm is the X Display Manager, a component of the XFree86 package. xdm manages the display of X sessions both locally and remotely. An xdm server compiled without WrapHelp.c is vulnerable to a brute force X cookie attack, due to using triviall...