73 matches found
WordPress Core 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...
WordPress Core 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...
Linux Kernel: Multiple information leaks
Background The Linux kernel is responsible for managing the core aspects of a GNU/Linux system, providing an interface for core system applications as well as providing the essential structure and capability to access hardware that is needed for a running system. Description The Linux kernel allo...
Comersus Open Technologies Comersus 5.0 - comersus_message.asp Cross-Site Scripting
Comersus Open Technologies Comersus 5.0 - comersusmessage.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/10674/info Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate...
OpenBB 1.0.x - board.php?FID SQL Injection
OpenBB 1.0.x - board.php?FID SQL Injection source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL...
Microsoft Internet Explorer 56 Mozilla 1.2.1 - URI Display Obfuscation (1)
Microsoft Internet Explorer 56 Mozilla 1.2.1 - URI Display Obfuscation 1 source: https://www.securityfocus.com/bid/9182/info A weakness has been reported in multiple browsers that may allow attackers to obfuscate the URI for a visited page. The problem is said to occur when a URI designed to pass...
ImageFolio 2.2x/3.0/3.1 - 'Admin.cgi' Directory Traversal
source: https://www.securityfocus.com/bid/7828/info ImageFolio 'admin.cgi' has been reported prone to a directory traversal vulnerability. By supplying directory traversal sequences, as a URI parameter, to the 'admin.cgi' script an attacker may break out of the web root directory. Successful...
WebChat 2.0 - users.php Cross-Site Scripting
WebChat 2.0 - users.php Cross-Site Scripting source: https://www.securityfocus.com/bid/7779/info WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks...
M-TECH P-Synch 6.2.5 - nph-psf.exe?css Cross-Site Scripting
M-TECH P-Synch 6.2.5 - nph-psf.exe?css Cross-Site Scripting source: https://www.securityfocus.com/bid/7745/info P-Synch does not adequately filter HTML code from URL parameters, making it prone to cross-site scripting attacks. Code will be executed in the security context of the system running...
phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities
phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/5890/info Reportedly, phpLinkat is prone to cross site scripting attacks. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing HTML and...
CVE-2002-0770
Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...
MiniBB 1.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/4619/info MiniBB is web forum software. It is written in PHP and will run on most Unix and Linux variants as well as Microsoft Windows operating systems. MiniBB does not filter script code from URL parameters, making it prone to cross-site scripting...
Cisco IOS 1112 - SNMP Message Denial of Service
Cisco IOS 1112 - SNMP Message Denial of Service // source: https://www.securityfocus.com/bid/4132/info Cisco products contain multiple vulnerabilities in handling of SNMP requests and traps. A general report for multiple vendors was initially published on February 12 Bugtraq IDs 4088 and 4089,...