Lucene search
K

152 matches found

xssed
xssed
added 2011/12/29 12:0 a.m.13 views

Unfixed XSS vulnerability at www.allcompanyltd.com

Security researcher IrIsT.Ir, has submitted on 29/12/2011 a cross-site-scripting XSS vulnerability affecting www.allcompanyltd.com, which at the time of submission ranked 474861 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/12/2011. It is...

6.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2011/06/13 12:0 a.m.19 views

Microsoft Internet Explorer Cookie Hijacking Vulnerability

Internet Explorer is prone to cookie hijacking vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.2AI score0.19305EPSS
Exploits1References2
CVE
CVE
added 2010/06/11 5:28 p.m.56 views

CVE-2010-1384

The CVE-2010-1384 entry concerns Safari’s address bar spoofing vulnerability. Affected products include Safari before 5.0 on Mac OS X 10.5–10.6 and Windows, and before 4.1 on Mac OS X 10.4. The underlying issue is that the URL displayed in the address bar can be spoofed, making the user believe t...

4.3CVSS6.1AI score0.02981EPSS
Exploits0References14Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2010/02/21 12:0 a.m.18 views

[20100423] - Core - Negative Values for Limit and Offset

If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system...

6.8AI score
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2009/09/15 10:30 p.m.27 views

CVE-2009-3166

token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading 1 web-server access logs, 2 web-server Referer logs, or 3 the browser...

5CVSS5.9AI score0.01159EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2008/12/15 12:0 a.m.37 views

FLDS 1.2a - 'lpro.php' SQL Injection

Free Links Directory Script id SQL Injection Vulnerability Author: nuclear site: http://flds-script.com vuln: http://localhost/path/lpro.php?id=-1 UNION SELECT 1,concatusername,0x3a,password,3,4,5,6,7,8,9,10,11 from users demo:...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2008/09/15 4:25 p.m.43 views

XSS in RSS feed creation

URL http://localhost:8080/dashboard/doconfigurerssfeed.action The RSS feed creation process is vulnerable to XSS attacks. It is possible to inject javascript code into the page by changing the types field to: types="alertdocument.cookie complete example from the testenvironment:...

6.4AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2008/07/15 12:0 a.m.28 views

maiangreetings-cookie.txt

Author: Saime Date: July 12, 2008 Script: Maian Greetings v2.1 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Powered by: Maian Greetings v2.1 Description: Maian Greetings v2.1 is suffering from insecure cookie handling, the /admin/index.php only checks if...

7.4AI score
Exploits0
xssed
xssed
added 2008/01/31 12:0 a.m.7 views

Unfixed XSS vulnerability at soft.rosinstrument.com

Security researcher Uber0n, has submitted on 31/01/2008 a cross-site-scripting XSS vulnerability affecting soft.rosinstrument.com, which at the time of submission ranked 68117 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/02/2008. It is...

6.6AI score
Exploits0References1
CVE
CVE
added 2005/03/26 5:0 a.m.43 views

CVE-2002-1626

CVE-2002-1626 describes a directory traversal vulnerability in Mike Spice My Calendar before 1.5. An attacker can craft a URL containing .. sequences to write arbitrary files on the server. The issue arises from improper validation of path traversal in the web-facing handler, enabling verifying a...

5CVSS7.2AI score0.01973EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.70 views

CVE-2002-1186

CVE-2002-1186 affects Microsoft Internet Explorer versions 5.01 through 6.0. The vulnerability arises because IE does not properly perform security checks on certain encoded characters within a URL, enabling a remote attacker to steal potentially sensitive information by redirecting the user to a...

5CVSS6.1AI score0.19121EPSS
Exploits1References9Affected Software2
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.29 views

CVE-2001-0917

Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...

6.2AI score0.08176EPSS
Exploits0References6
Rows per page
Query Builder