838 matches found

Mozilla
added 2008/02/07 12:00 a.m. | 30 views

URL token stealing via stylesheet redirect — Mozilla

Security researcher Martin Straka reported that Gecko-based browsers update the .href property of stylesheet DOM nodes to reflect the final URI of the stylesheet after following any 302 redirects much as the document.location property is updated. This differs from other browsers and could...

CVSS 4.3 | AI score 9.3 | EPSS 0.02037
Exploits: 1 | References: 2 | Affected Software: 2
xssed
added 2008/02/06 12:00 a.m. | 14 views

Unfixed XSS vulnerability at antena1.ro

Security researcher Shocker -at- ShockingSoft.com submitted on 02/06/2008 a cross-site-scripting (XSS) vulnerability affecting antena1.ro, which at the time of submission ranked 19888 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/200...

Exploits: 0 | References: 1
xssed
added 2008/01/13 12:00 a.m. | 9 views

Unfixed XSS vulnerability at www.fawri.dz

Security researcher t0fx submitted on 13/01/2008 a cross-site-scripting (XSS) vulnerability affecting www.fawri.dz, which at the time of submission ranked 200838 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 14/01/2008. It is currently...

AI score 6.6
Exploits: 0 | References: 1
Packet Storm
added 2008/01/11 12:00 a.m. | 26 views

digitalhive-sql.txt

AI score 7.4
Exploits: 0
xssed
added 2007/12/21 12:00 a.m. | 15 views

Unfixed XSS vulnerability at www.haaretz.com

Security researcher TreX submitted on 21/12/2007 a cross-site-scripting (XSS) vulnerability affecting www.haaretz.com, which at the time of submission ranked 8645 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/12/2007. It is currently...

Exploits: 0 | References: 1
xssed
added 2007/11/29 12:00 a.m. | 18 views

Unfixed XSS vulnerability at vip-seek.info

Security researcher Genocide submitted on 29/11/2007 a cross-site-scripting (XSS) vulnerability affecting vip-seek.info, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/12/2007. It is currently...

AI score 6.6
Exploits: 0 | References: 1
xssed
added 2007/11/27 12:00 a.m. | 14 views

Unfixed XSS vulnerability at www.aladin.wrlc.org

Security researcher Genocide submitted on 27/11/2007 a cross-site-scripting (XSS) vulnerability affecting www.aladin.wrlc.org, which at the time of submission ranked 132714 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/11/2007. It is...

AI score 6.6
Exploits: 0 | References: 1
Cvelist
added 2007/10/23 5:00 p.m. | 22 views

CVE-2007-5631

Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the currentblockmodulepath parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2)...

AI score 7.6 | EPSS 0.39416
Exploits: 1 | References: 12
Packet Storm
added 2007/10/23 12:00 a.m. | 23 views

webif-xss.txt

----------------------------- || WWW.SMASH-THE-STACK.NET || ----------------------------- || ADVISORY: IFNET.IT WEBIF XSS VULNERABILITY || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: GOOGLE DORK || 0x05: RISK LEVEL || 0x00: ABOUT ME Author: SkyOut Date:...

AI score 7.4
Exploits: 0
xssed
added 2007/09/26 12:00 a.m. | 7 views

Unfixed XSS vulnerability at gwar.org.ru

Security researcher iD - uNkn0wn.eu submitted on 26/09/2007 a cross-site-scripting (XSS) vulnerability affecting gwar.org.ru, which at the time of submission ranked 1453096 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/10/2007. It is...

Exploits: 0 | References: 1
xssed
added 2007/09/25 12:00 a.m. | 17 views

Unfixed XSS vulnerability at www.a-market.jp

Security researcher kusomiso.com submitted on 25/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.a-market.jp, which at the time of submission ranked 127760 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/09/2007. It is...

AI score 6.6
Exploits: 0 | References: 1
xssed
added 2007/09/20 12:00 a.m. | 8 views

Unfixed XSS vulnerability at www.vardguiden.se

Security researcher TraCK10ya submitted on 20/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.vardguiden.se, which at the time of submission ranked 102260 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/09/2007. It is...

Exploits: 0 | References: 1
xssed
added 2007/09/16 12:00 a.m. | 11 views

Unfixed XSS vulnerability at katalog.morbylanga.se

Security researcher By Encore submitted on 16/09/2007 a cross-site-scripting (XSS) vulnerability affecting katalog.morbylanga.se, which at the time of submission ranked 620823 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/09/2007. It is...

Exploits: 0 | References: 1
Prion
added 2007/09/06 7:17 p.m. | 20 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library STPHPLibrary 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbconf or (2) ADODBDIR parameter to utils/stphpimageshow.php; or a URL in the STPHPLIBDIR parameter to (3) stphpbutton.php, (4)...

CVSS 7.5 | AI score 7.6 | EPSS 0.10661
Exploits: 0 | References: 36 | Affected Software: 1
Prion
added 2007/08/25 12:17 a.m. | 10 views

SQL injection

Multiple SQL injection vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via one or more of the following vectors: the (1) id parameter to (a) pages/deletepage.php, (b) navigation/deletemenu.php, and (c) navigation/deleteitem.php ...

CVSS 6 | AI score 8.8 | EPSS 0.0173
Exploits: 1 | References: 5 | Affected Software: 1
NVD
added 2007/08/17 9:17 p.m. | 12 views

CVE-2007-4384

Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters...

CVSS 6.8 | AI score 7.7 | EPSS 0.02094
Exploits: 0 | References: 3
Prion
added 2007/08/17 9:17 p.m. | 9 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters...

CVSS 6.8 | AI score 8.2 | EPSS 0.02094
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2007/08/17 9:12 p.m. | 17 views

CVE-2007-4384

Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters...

AI score 7.7 | EPSS 0.02094
Exploits: 0 | References: 3
NVD
added 2007/08/08 10:17 p.m. | 15 views

CVE-2007-4235

Multiple PHP remote file inclusion vulnerabilities in VietPHP allow remote attackers to execute arbitrary PHP code via a URL in (1) the dirpath parameter to (a) functions.php, or (2) the language parameter to (b) admin/index.php or (c) index.php...

CVSS 9.3 | AI score 7.7 | EPSS 0.03395
Exploits: 0 | References: 4
Prion
added 2007/08/07 10:17 a.m. | 14 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php...

CVSS 10 | AI score 8.2 | EPSS 0.0215
Exploits: 0 | References: 3 | Affected Software: 1