9 matches found
EUVD-2020-7753
Malware in sbrugna...
CVE-2020-7050
Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal user, it is possible to add a poll that is automatically loaded in the DOM once the thread/topic is opened. Because session cookies lack the HttpOnly flag, it is possible to steal authentication cooki...
Paessler PRTG Traffic Grapher 6.2.1.945 Cross Site Scripting
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 08-Jun-2010 Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
[Full-Disclosure] Symantec Gateway Security Management Service Cross Site Scripting
Symantec Gateway Security Management Service Cross Site Scripting Product: Symantec Gateway Security 2.0 Date: 02/25/2004 Author: Brian Soby, Raytheon 1. Overview ---------------------------------------- A cross site scripting vulnerability exists in Symantec Gateway Security's management service...
PostNuke 0.6/0.7 web_links Module - TTitle Cross-Site Scripting
source: https://www.securityfocus.com/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and WebLinks modules of PostNuke. It is possible that an attacker may construct a link containing malicious script code that could be executed in a browser of...
PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting
source: https://www.securityfocus.com/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and WebLinks modules of PostNuke. It is possible that an attacker may construct a link containing malicious script code that could be executed in a browser of...
LedNews 0.7 Post Script - Code Injection
source: https://www.securityfocus.com/bid/7920/info It has been reported that LedNews does not properly filter input from news posts. Because of this, it may be possible for an attacker to steal authentication cookies or perform other nefarious activities...
W-Agora 4.1.6 - EditForm.php Cross-Site Scripting
W-Agora 4.1.6 - EditForm.php Cross-Site Scripting source: https://www.securityfocus.com/bid/6464/info W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems. A problem with W-Agora may make cross-site scripting attacks possible. It has be...
W-Agora 4.1.6 - 'EditForm.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6464/info W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems. A problem with W-Agora may make cross-site scripting attacks possible. It has been reported that W-Agora has a vulnerability in th...