3152 matches found
Unfixed XSS vulnerability at ad-click.jp
Security researcher kusomiso.com, has submitted on 10/09/2007 a cross-site-scripting XSS vulnerability affecting ad-click.jp, which at the time of submission ranked 547254 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2007. It is...
Unfixed XSS vulnerability at ad-click.jp
Security researcher kusomiso.com, has submitted on 10/09/2007 a cross-site-scripting XSS vulnerability affecting ad-click.jp, which at the time of submission ranked 547254 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2007. It is...
Cross site scripting
Cross-site scripting XSS vulnerability in mail.asp in Netkamp Emlak Scripti allows remote attackers to inject arbitrary web script or HTML via the 1 Email parameter, and possibly the 2 Ad, 3 Soyad, 4 Konu, and 5 Mesaj parameters to iletisim.asp...
Samba NSS_Info插件本地权限提升漏洞
BUGTRAQ ID: 25636 CVECAN ID: CVE-2007-4138 Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 idmapad.so库中为Winbind提供了nssinfo扩展用于从活动目录域控制台检索用户的主目录路径、登录shell和主组id等,可通过将winbind nss info的smb.conf选项定义为sfu或rfc2307来启用这个功能。 Windows的Identity Management for Unix和Services for Unix...
phpnukesearch-xss.txt
PHP-Nuke ALL versions Search Module multiple XSS and HTML injection ------------------------------------------------------------------- The well-known PHP-Nuke CMS is vulnerable to multiple XSS attacks and HTML injections through the Search Module. The request is made using POST, but the whole...
CVE-2007-2476
CVE-2007-2476 is associated with Novell SecureLogin (NSL) versions prior to 6.0.106 (NSL 6 SP1 and earlier). The connected Nessus data confirms multiple issues, including a vulnerability that could grant users excessive permissions to their own AD attributes and an additional security issue relat...
Novell SecureLogin < 6.0.106 Multiple Vulnerabilities
The version of Novell SecureLogin installed on the remote host is earlier than 6.0.106. Such versions reportedly grant a user excessive permissions to their own attributes in an Active Directory AD environment. There is also a security issue with AD password change. Note that Novell strongly...
Mandrake Linux Security Advisory : madwifi-source (MDKSA-2007:082)
The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...
Unfixed XSS vulnerability at ad-click.jp
Security researcher kusomiso.com, has submitted on 04/09/2007 a cross-site-scripting XSS vulnerability affecting ad-click.jp, which at the time of submission ranked 561558 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/09/2007. It is...
CVE-2006-7177
MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...
CVE-2006-7177
MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...
CVE-2006-7177
CVE-2006-7177 affects the MadWifi driver when operating in Ad-Hoc mode. The vulnerability allows remote attackers to cause a denial of service (system crash) by sending wireless packets that trigger a kernel panic in the ieee80211_input function, related to packets from a potentially malicious Wi...
CVE-2006-7177
MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...
CVE-2007-0570
PHP remote file inclusion vulnerability in ainsmain.php in Johannes Gijsbers aka Taradino Ad Fundum Integratable News Script AINS 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ainspath parameter...
CVE-2006-6768
Multiple cross-site scripting XSS vulnerabilities in default.asp in PWP Technologies The Classified Ad System allow remote attackers to inject arbitrary web script or HTML via the 1 cat or 2 main parameter...
CVE-2006-6768
The CVE-2006-6768 entry documents multiple XSS vulnerabilities in the default.asp page of PWP Technologies The Classified Ad System, exploitable via the (1) cat and (2) main parameters. The underlying issue is cross-site scripting in input handling on that page, with a CVSS base score of 6.8 (Med...
The Classified Ad System 1.0 (main) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Script Name: The Classified Ad System 1.0 main Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.mxmania.net $$ : 29.99 . .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...
The Classified Ad System 1.0 - 'main' SQL Injection
!/usr/bin/perl Script Name: The Classified Ad System 1.0 main Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.mxmania.net $$ : 29.99 . .. : ajann,Turkey use IO::Socket; if@ARGV : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are...
The Classified Ad System 1.0 (main) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================ The Classified Ad System 1.0 main Remote SQL Injection Exploit ================================================================ !/usr/bin/perl Script Name: The Classified Ad...
CVE-2006-6349
Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via 1 the main parameter in a view action includes/mainpage/view.asp in default.asp or 2 a query in the search engine...