MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser...

MODx CMS 0.9.6.1 - Multiple Vulnerabilities

MODx CMS 0.9.6.1 - Multiple Vulnerabilities WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with...

MODx CMS 0.9.6.1 - Multiple Vulnerabilities

WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: quote...

MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================ MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities ================================================ AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com...

openSUSE 10 Security Update : horde (horde-1868)

This update fixes the following two security issues in the Horde Application Framework : - CVE-2006-3548: Multiple cross-site scripting XSS vulnerabilities allow remote attackers to inject arbitrary web script or HTML via a 1 JavaScript URI or an external 2 http, 3 https, or 4 ftp URI in the url...

CVE-2004-2741

Cross-site scripting XSS vulnerability in the "help window" help.php in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 module, 2 topic, or 3 module parameters...

CVE-2004-2741

The CVE covers a Cross-site scripting (XSS) vulnerability in Horde Application Framework 2.2.6, specifically in the Help Window (help.php) of the Horde Help subsystem. The issue arises from improper sanitization of three parameters (module, topic, and module) that can be exploited remotely to inj...

bitweaver-xss.txt

-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: Windows\Linux\Unix -=+ Bug typ...

MODx CMS <= 0.9.2.1 (FCKeditor) Remote File Include Vulnerability

No description provided by source. +------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected...

MODx CMS <= 0.9.2.1 (FCKeditor) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================= MODx CMS include $basepath."manager/media/browser/mcpuk/connectors/php/Command...

MODx CMS 0.9.2.1 - FCKeditor Remote File Inclusion

MODx CMS 0.9.2.1 - FCKeditor Remote File Inclusion +------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------...

MODx CMS 0.9.2.1 - &#039;FCKeditor&#039; Remote File Inclusion

+------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: MODx CMS 0.9.2.1 + Vendor...

MODx CMS 0.9.2.1 &#40;base_path&#41; Remote File Include Vulnerability

+------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: MODx CMS 0.9.2.1 + Vendor...

Debian DSA-1033-1 : horde3 - several vulnerabilities

Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4190 Several Cross-Site-Scripting vulnerabiliti...

CVE-2006-4256

index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different...

CVE-2006-4256

index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different...

CVE-2006-4256

index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different...

CVE-2006-4256

The CVE-2006-4256 issue affects the Horde Application Framework prior to 3.1.2, where index.php can include web pages from other sites via the url parameter, enabling cross-site referencing that could aid phishing. Affected platforms and advisories corroborate remote inclusion risks, with related...

CVE-2006-3548

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a 1 javascript URI or an external 2 http, 3 https, or 4 ftp URI in the url parameter in services/go.php a...

CVE-2006-3549

services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via 1 http, 2 https, and 3 ftp URL in the url parameter...