21 matches found
EUVD-2005-0946
Malware in sbrugna...
EUVD-2005-0803
Malware in sbrugna...
EUVD-2005-1291
Malware in sbrugna...
ACS Blog 0.8/0.9/1.0/1.1 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12836/info ACS Blog is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an...
acs-blog turkce v1.1.3-(tr) Database Disclosure Exploit
!/usr/bin/perl -w blog turkce v1.1.3-tr Database Disclosure Exploit Found & Coded: indoushka Date: 25/07/2010 Home: http://www.hack-r1z.com/cc/ Dz-Ghost Team ===== Saoucha Star08 Cyber Sec theblind74 XproratiX onurozkan n2n Meher Assel =========================== special thanks to : r0073r...
CVE-2005-1288
inclogincheck.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie...
CVE-2005-0945
Cross-site scripting XSS vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in 1 img, 2 link, or 3 mail tags...
CVE-2005-0802
Cross-site scripting XSS vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote attackers to execute arbitrary web script or HTML via the search parameter...
CVE-2005-1288
The vulnerability CVE-2005-1288 affects ACS Blog 0.8 through 1.1.3, where attackers can gain administrator privileges by manipulating the value of the in cookie. Affected component: login/authentication flow (inc_login_check.asp). Root cause: insecure cookie handling that allows privilege escalat...
CVE-2005-1288
inclogincheck.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie...
CVE-2005-0945
Cross-site scripting XSS vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in 1 img, 2 link, or 3 mail tags...
CVE-2005-0945
CVE-2005-0945 describes a stored/reflected Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1, where remote attackers can inject arbitrary script via onmouseover or onload events in (1) img, (2) link, or (3) mail tags. The NVD entry lists a base score of 4.3 (Medium) with network attack v...
Multiple XSS vulnerabilities in ACS Blog
These vulnerabilities have been tested on the latest version of ACS Blog. v1.1.1 In the comments section of ACS Blog, it is possible to execute an XSS attack through the link, mail, and img tags, due to lack of filtering of single quotes and spaces inside the tags. Examples/PoCs:...
ACSblog111.txt
These vulnerabilities have been tested on the latest version of ACS Blog. v1.1.1 In the comments section of ACS Blog, it is possible to execute an XSS attack through the link, mail, and img tags, due to lack of filtering of single quotes and spaces inside the tags. Examples/PoCs:...
ACS Blog 0.8/0.9/1.0/1.1 - 'Name' HTML Injection
source: https://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an affected Web page. Name:...
ACS Blog 0.80.91.01.1 - Name HTML Injection
ACS Blog 0.80.91.01.1 - Name HTML Injection source: https://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user view...
CVE-2005-0802
CVE-2005-0802 concerns a cross-site scripting (XSS) vulnerability in the search.asp handler of ACS Blog versions 0.8 through 1.1b. The issue allows remote attackers to inject and execute arbitrary web script or HTML via the search parameter, potentially impacting users viewing search results. The...
XSS in ACS blog
XSS vulnerability exist in the ACS blog ASP WEBLOG SYSTEM . Vulnerable : ACS Blog v 0.8 ACS Blog v 0.9 ACS Blog v 1.0 ACS Blog v 1.1b Code : /search.asp?search=223Cbr3E3Ciframe+src3D22http3A2F2Fgoogle.com223E3C2Fiframe3E or goto /search.asp and copy this code : "briframe...
ACS Blog 0.8/0.9/1.0/1.1 - 'search.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/12836/info ACS Blog is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...