DataWatch Monarch BI v5.1 admin section reflected cross-site scripting

Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a reflected cross-site scripting vulnerability because it fails to sufficientl...

DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting

DataWatch Monarch BI v5.1 admin section stored cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a stored...

CVE-2012-2936

Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 page parameter to a admin/admincomments.php or b admin/adminlinks.php; or list parameter in a 3 move or 4 minimize action to c...

VisualSite CMS 1.3 - Multiple Vulnerabilities

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-25-visualsite-cms-multiple-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : VisualSite CMS Multiple Vulnerabilities Affected Version :...

FreeDiscussionForums v1.0 Multiple Remote Vulnerabilities

Exploit for asp platform in category web applications ========================================================= FreeDiscussionForums v1.0 Multiple Remote Vulnerabilities ========================================================= Title : FreeDiscussionForums Multiple Remote Vulnerabilities Affected...

freediscussionforums 1.0 - Multiple Vulnerabilities

freediscussionforums 1.0 - Multiple Vulnerabilities ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-14-freediscussionforums-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory...

freediscussionforums 1.0 - Multiple Vulnerabilities

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-14-freediscussionforums-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : FreeDiscussionForums Multiple Remote...

Simple to Use Property Management System SQLi & XSS Vulnerability

Exploit for php platform in category web applications ================================================================= Simple to Use Property Management System SQLi & XSS Vulnerability ================================================================= Author: L0rd CrusAd3r aka VSN email protected...

iScripts eSwap v2.0 XSS / SQL Injection Vulnerability

Exploit for php platform in category web applications ===================================================== iScripts eSwap v2.0 XSS / SQL Injection Vulnerability ===================================================== Title:iScripts eSwap v2.0 sqli and xss vulnerability Author: Sid3^effects...

iScripts eSwap 2.0 - SQL Injection / Cross-Site Scripting

Title:iScripts eSwap v2.0 sqli and xss vulnerability Author: Sid3^effects Published: 2010-06-05 price:$99.95 email:[email protected] vendor: iScripts url : http://www.iscripts.com/eswap/ google dork : Powered by iScripts eSwap. ooooo .oooooo. oooooo oooooo oooo 888' d8P' Y8b 888. 888. .8' 888 88...

XSS vulnerability in some JSPs under admin section

Several JSPs found under the admin section of Confluence have been found to be vulnerable to XSS attacks. This issue corrects those problems. This issue is rated HIGH. Please refer to http://confluence.atlassian.com/x/ZILmD for information on other security related issues and more information on...

Announcement Preview banner is a vector for an XSS attack

The announcement preview banner is currently displayed via the global decorator. It can be used for an XSS attack on virtually every page, via the announcementpreviewbannerst URL parameter. We should display the preview only locally in the admin section...

Announcement Preview banner is a vector for an XSS attack

The announcement preview banner is currently displayed via the global decorator. It can be used for an XSS attack on virtually every page, via the announcementpreviewbannerst URL parameter. We should display the preview only locally in the admin section...

Announcement Preview banner is a vector for an XSS attack

The announcement preview banner is currently displayed via the global decorator. It can be used for an XSS attack on virtually every page, via the announcementpreviewbannerst URL parameter. We should display the preview only locally in the admin section...

Multiple Stored XSS in XOOPS 2.4.4 Admin Section

Greetz to all Darkc0de ,AI,ICW, AH Memebers Shoutz to r45c4l,j4ckh4x0r,silic0n,smith,baltazar,d3hydr8,FB1H2S, lowlz,Eberly,Sumit, Author: Beenu Arora Home : www.BeenuArora.com Email : [email protected] Share the c0de! Exploit: Multiple Stored XSS in XOOPS 2.4.4 Admin Section AppSite:...

FreePBX 2.5.x - Information Disclosure

Advisory Name: Information disclosure in FreePBX 2.5.x Internal Cybsec Advisory Id: 2010-0101 Vulnerability Class: Information disclosure Release Date: 15/01/2010 Affected Applications: Confirmed in FreePBX 2.5.x Other versions may also be affected Affected Platforms: Any running FreePBX2.5.x Loc...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in transLucid 1.75 allow remote attackers to inject arbitrary web script or HTML via the a NodeID and b action parameters to the default URI, and the c NodeID parameter to the default URI for the admin section; and allow remote authenticated users...

CVE-2009-2145

Multiple cross-site scripting XSS vulnerabilities in transLucid 1.75 allow remote attackers to inject arbitrary web script or HTML via the a NodeID and b action parameters to the default URI, and the c NodeID parameter to the default URI for the admin section; and allow remote authenticated users...

nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

No description provided by source. By Cr@zyKing [email protected] Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild Script : nabopoll 1.1.2 Risk : Remote Add Admin Exploit |High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit :...

nabopoll 1.2 - Remote Unprotected Admin Section

nabopoll 1.2 - Remote Unprotected Admin Section nabopoll 1.1.2 sensitive file admin without password By : sn0oPy Risk : high site : http://nabocorp.com/ Dork : inurl:"nabopoll/" exploit : acces without password to : http://target/nabopoll/admin/configedit.php...