MG2 0.5.1 Cross Site Scripting

MG2 0.5.1 Multiple XSS Vulnerabilities Vendor: MiniGal Product web page: http://www.minigal.dk Affected version: 0.5.1 Summary: MG2 is the sequel to the popular image gallery script MiniGal. One of the highlights of MG2 is, that it supports PHP running in safe mode which is unsupported by almost...

Multiple Vulnerabilities in IWantOneButton WordPress Plugin

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in IWantOneButton WordPress Plugin which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in IWantOneButton WordPress Plugin The vulnerability...

Cross-site Scripting (XSS) Vulnerability in NinkoBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in NinkoBB which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in NinkoBB: CVE-2010-4874 The vulnerability exists due to input sanitation error in parameters...

Micro CMS v1.0 b1 Persistent XSS Vulnerability

Exploit for php platform in category web applications ============================================== Micro CMS v1.0 b1 Persistent XSS Vulnerability ============================================== Class: Persistent Cross-Site Scripting Severity: High Overview: --------- Micro CMS is prone to...

Oracle Application Server Portal Cross Site Scripting

Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. Oracle's Single Sign-On Server SSO was part of Oracle Application Server till version...

FreeBSD : typo3 -- multiple vulnerabilities (653606e9-f6ac-11dd-94d9-0030843d3802)

Secunia reports : Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and session fixation attacks, and compromise a vulnerable system. The 'Install tool' system extension uses...

phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities

The installed version of phpBB on the remote host includes a photo album module that has multiple vulnerabilities: - A SQL Injection Vulnerability An attacker can pass arbitrary SQL code through the 'mode' parameter of the 'albumsearch.php' script to manipulate database queries. - Various...

Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting

source: https://www.securityfocus.com/bid/8339/info It is possible to create an authentication or access control page, using Dreamweaver MX PHP Authentication Suite. This script will generate an error page that contains dynamic content when a user fails to authenticate correctly to the site. A...