Sun Java Web Sever 7.0 u7 Admin Interface DoS

No description provided by source. Sun Java Web Sever 7.0 u7 Admin Interface DOS Software Package sjsws-70u7-windows-i586.zip 4fb8d1fb700d5649234a2891a4ecedea While attempting to verify http://www.exploit-db.com/exploits/14194/ which was not verified, I stumbled across semi amusing DOS: root@bt: ...

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

Cross site scripting

Cross-site scripting XSS vulnerability in adminloginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request...

CVE-2010-2428

Cross-site scripting XSS vulnerability in adminloginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request...

G.CMS Generator - SQL Injection

G.CMS Generator - SQL Injection 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Gcms generator SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.laubrotel.com/gcms/demo/ Auth...

cups: web interface memory disclosure

The cgiinitializestring function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % percent character without two subsequent hex characters, which...

CVE-2010-1985

Multiple cross-site scripting XSS vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

Litespeed Web Server 4.0.12 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Litespeed Web Server - Add Admin CSRF and XSS Vulnerabilities Date: 2010-02-04 Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web...

Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting

Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web Server is the leading high-performance, high-scalability web server. It is completely Apache...

WD-CMS 3.0 - Multiple Vulnerabilities

WD-CMS 3.0 - Multiple Vulnerabilities Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3...

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================== WD-CMS 3.0 Multiple Vulnerabilities =================================== Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVE-2009-4402

CVE-2009-4402 affects SQL-Ledger 2.8.24, where default configuration allows remote attackers to perform unspecified administrative operations by supplying an arbitrary password to the admin interface. This is supported by multiple sources in the connected set (NVD/NASL/OpenVAS), all describing th...

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

Sun Solaris AnswerBook2 Multiple Cross-Site Scripting Vulnerabilities

Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities. These issues arise due to insufficient sanitization of user-supplied data facilitating execution of arbitrary HTML and script code in a user's browser. The following specific issues were identified: It is...

Websense Email Security multiple security vulnerabilities

Crossite scripting and DoS in Web administration interface...

Big Banyan network article management system of 0day-vulnerability warning-the black bar safety net

Big Banyan network article management system Ver 3.0 Build 0 9 0 6 0 2 user registry filter is not strict can be inserted into a word Use: Google for: inurl:ArtClaShow. asp? cid search inurl:ArtClaShow. asp? cid for about1,170 query results, the following is the1-1 0 article Open the page, find t...

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...