18 matches found
EUVD-2004-2195
Malware in sbrugna...
EUVD-2004-2258
Malware in sbrugna...
EUVD-2004-2259
Malware in sbrugna...
ansel.library.northwestern.edu XSS vulnerability
Vulnerable URL: http://ansel.library.northwestern.edu/ImageServer/links.jsp?title=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E=5=512=512=0=0=0=1=%2Fdimages%2Fpublic%2Fimages%2Finu-afrps%2Finu-afrps-ah-0710.jp2 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017...
Unfixed XSS vulnerability at home.proflowers.com
Security researcher Michael Ansel, has submitted on 23/04/2008 a cross-site-scripting XSS vulnerability affecting home.proflowers.com, which at the time of submission ranked 7479 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/04/2008. It is...
Unfixed XSS vulnerability at www.avery.com
Security researcher Michael Ansel, has submitted on 23/04/2008 a cross-site-scripting XSS vulnerability affecting www.avery.com, which at the time of submission ranked 14808 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/04/2008. It is...
Unfixed XSS vulnerability at www.phrozen.biz
Security researcher Michael Ansel, has submitted on 22/04/2008 a cross-site-scripting XSS vulnerability affecting www.phrozen.biz, which at the time of submission ranked 7618089 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/04/2008. It is...
Unfixed XSS vulnerability at www.odesk.com
Security researcher Michael Ansel, has submitted on 02/05/2008 a cross-site-scripting XSS vulnerability affecting www.odesk.com, which at the time of submission ranked 7483 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/06/2008. It is...
CVE-2004-2267
Cross-site scripting XSS vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name...
CVE-2004-2266
SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter...
CVE-2004-2266
CVE-2004-2266 affects Ansel 2.1 and earlier. The issue is a SQL injection vulnerability that allows remote attackers to modify SQL statements via the image parameter. According to the provided data, the NVD CVSS v2.0 base score is 7.5 (HIGH) with network attack vector, low attack complexity, no a...
CVE-2004-2267
The CVE-2004-2267 entry describes a Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier. The issue allows remote attackers to inject arbitrary HTML or web script via the album name. Affected product/versions: Ansel 2.1 and earlier. Root cause: unsanitized album name input enabling s...
CVE-2004-2203
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories...
CVE-2004-2203
CVE-2004-2203 affects Ansel 1.2 through 2.0. The vulnerability stems from insecure default permissions, which can allow remote attackers to access web-readable directories. The available connected documents confirm the affected product versions and the underlying issue (default permissions), but ...
CVE-2004-2203
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories...
CVE-2004-2266
SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter...
CVE-2004-2267
Cross-site scripting XSS vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name...
[SA12856] Ansel "image" SQL Injection and Script Insertion Vulnerabilities
TITLE: Ansel "image" SQL Injection and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA12856 VERIFY ADVISORY: http://secunia.com/advisories/12856/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Ansel 2.x...