48 matches found
articlelive-xss.txt
01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: INTERSPIRE ARTICLELIVE NX XSS || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: RISK LEVEL || 0x00: ABOUT ME Author: SkyOut Date...
CVE-2007-4147
Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to 1 ALSANITIZE and 2 "Calling the constructor to make sure things are checked, safe mode, etc."...
Code injection
Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to 1 ALSANITIZE and 2 "Calling the constructor to make sure things are checked, safe mode, etc."...
CVE-2007-4147
Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to 1 ALSANITIZE and 2 "Calling the constructor to make sure things are checked, safe mode, etc."...
CVE-2007-4147
Interspire ArticleLive NX prior to 1.7.1.2 is affected by multiple unspecified vulnerabilities with unknown impact and attack vectors. The connected sources mention potential issues related to AL_SANITIZE and a constructor-related check mechanism, but no concrete exploit details, affected file/en...
CVE-2005-3726
SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter...
CVE-2005-3726
SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter...
CVE-2005-3726
Interspire ArticleLive NX 0.3 contains an SQL injection vulnerability exploitable via the Query parameter. The affected software is Interspire ArticleLive NX 0.3, with the root cause described as improper handling of the Query parameter leading to arbitrary SQL execution. According to NVD, the CV...
[SA17585] Interspire ArticleLive NX "Query" SQL Injection Vulnerability
TITLE: Interspire ArticleLive NX "Query" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA17585 VERIFY ADVISORY: http://secunia.com/advisories/17585/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Interspire ArticleLive NX http://secunia.com/product/6140...
Interspire ArticleLive 2005 XSS Vulnerability
The remote web server is running ArticleLive, a set of CGIs designed to simplify the management of a news site which is vulnerable to a cross site scripting issue. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
articleLive2005.txt
Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Get Dcrab's Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah SPECIAL OFFER Hire my auditing services, if I dont fin...
Interspire ArticleLive 2005 XSS problem
"Critical Security" advisory 001 www.critical.lt - security today Vulnerable product: Interspire ArcticleLive 2005 latest url: http://www.interspire.com/articlelive/demo.php Vulnerability type: Cross Site Scripting Risk: very low Credits: "Critical Security", website: http://www.critical.lt The...
CVE-2005-1482
ArticleLive 2005 allows remote attackers to gain privileges by modifying the 1 auth and 2 userId fields in a cookie...
CVE-2005-1482
ArticleLive 2005 allows remote attackers to gain privileges by modifying the 1 auth and 2 userId fields in a cookie...
CVE-2005-1483
Multiple cross-site scripting XSS vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the 1 Query, 2 Username, 3 LastName, 4 Biography, or 5 BlogId parameter...
CVE-2005-1482
CVE-2005-1482 affects ArticleLive 2005. Remote attackers can gain privileges by modifying the (1) auth and (2) userId fields in a cookie. The provided sources describe the cookie-tampering vulnerability and resulting privilege escalation; no explicit patch/remediation is detailed in the supplied ...
CVE-2005-1483
Multiple cross-site scripting XSS vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the 1 Query, 2 Username, 3 LastName, 4 Biography, or 5 BlogId parameter...
CVE-2005-1483
Interspire ArticleLive 2005 is affected by multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via the Query, Username, LastName, Biography, or BlogId parameters. A Nessus plugin also notes a session-handling flaw that could enable remote attackers to gain adm...
Authentication bypass, sql injections and xss in ArticleLive 2005
Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Get Dcrab's Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah SPECIAL OFFER Hire my auditing services, if I dont fin...
Interspire ArticleLive Multiple Remote Vulnerabilities (XSS, Auth Bypass)
The remote host is running a version of Interspire ArticleLive that suffers from the following vulnerabilities : - A session handling flaw allowing a remote attacker to gain administrator access. - Multiple cross-site scripting vulnerabilities. The session handling vulnerability can be exploited ...