24 matches found
EUVD-2005-4430
Malware in sbrugna...
EUVD-2007-4606
Malware in sbrugna...
EUVD-2005-4429
Malware in sbrugna...
SUSE CVE-2005-4434
Cross-site scripting XSS vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
AbleDesign MyCalendar 2.20.3 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source...
AbleDesign D-Man 3.0 Title Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15993/info D-Man is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'title' parameter. An attacker may leverage this issue t...
CVE-2007-4624
Cross-site scripting XSS vulnerability in pframe.php in AbleDesign Dynamic Picture Frame 1.00 allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter. NOTE: some of these details are obtained from third party information...
CVE-2007-4624
Cross-site scripting XSS vulnerability in pframe.php in AbleDesign Dynamic Picture Frame 1.00 allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter. NOTE: some of these details are obtained from third party information...
CVE-2007-4624
The CVE-2007-4624 entry describes a cross-site scripting (XSS) vulnerability in AbleDesign Dynamic Picture Frame 1.00, specifically in pframe.php where the img_url parameter can be exploited to inject arbitrary web script or HTML. The vulnerability stems from inadequate input validation of the im...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
CVE-2007-1050
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
CVE-2007-1050
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
CVE-2007-1050
CVE-2007-1050 describes multiple cross-site scripting (XSS) vulnerabilities in index.php of AbleDesign MyCalendar. The issue allows remote attackers to inject arbitrary web script or HTML via the following input points: (1) the go parameter, (2) the keyword parameter in the search menu (go=search...
EUVD-2007-1047
Multiple cross-site scripting XSS vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via 1 the go parameter, 2 the keyword parameter in the search menu go=search, or 3 the username or 4 the password in a go=Login action...
AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/22635/info MyCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2005-4434
Cross-site scripting XSS vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-4434
Cross-site scripting XSS vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-4435
CVE-2005-4435 describes a cross-site scripting (XSS) vulnerability in the AbleDesign D-Man 3.x product, occurring in index.php via the title parameter. An attacker could inject arbitrary web script or HTML by supplying a crafted title value. The connected documents confirm the affected component ...
CVE-2005-4435
Cross-site scripting XSS vulnerability in index.php AbleDesign D-Man 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-4434
CVE-2005-4434 affects AbleDesign ReSearch 2.x with a Cross-site scripting (XSS) vulnerability. The vectors are unknown, allowing remote injection of arbitrary script/HTML. Impact: partial integrity, no confidentiality or availability impact stated. The provided data does not specify exploitable c...