25 matches found
EUVD-2005-1784
Malware in sbrugna...
EUVD-2005-1785
Malware in sbrugna...
BookReview 1.0 add_url.htm node Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
BookReview 1.0 add_classification.htm isbn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
BookReview 1.0 add_booklist.htm node Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
BookReview 1.0 add_contents.htm Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
BookReview beta 1.0 Multiple Vulnerabilities - Active Check
BookReview is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2005-1783
BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear wheth...
CVE-2005-1782
Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, ...
CVE-2005-1783
CVE-2005-1783 : BookReview beta 1.0 is vulnerable to a path-disclosure flaw. An attacker can trigger the web server to reveal its filesystem path via parameters to search.htm (likely a missing value in search[string] or an incorrect submit[type]). This is a network-accessible issue with low compl...
CVE-2005-1783
BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear wheth...
CVE-2005-1782
BookReview beta 1.0 is affected by multiple cross-site scripting (XSS) vulnerabilities due to lack of input sanitization. Concrete vectors include injecting script via: node parameter on add_review.htm, suggest_review.htm, suggest_category.htm, add_booklist.htm, add_url.htm; isbn parameter on add...
BookReview 1.0 Multiple Script XSS
The remote host is running the BookReview software. The remote version of this software is vulnerable to multiple cross-site scripting attacks due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to use the remote server to perform an...
CVE-2005-1782
Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, ...
BookReview 1.0 - 'contact.htm?user' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - suggest_category.htm?node Cross-Site Scripting
BookReview 1.0 - suggest_category.htm?node Cross-Site Scripting source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
BookReview 1.0 - add_review.htm Multiple Cross-Site Scripting Vulnerabilities
BookReview 1.0 - add_review.htm Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...
BookReview 1.0 - 'suggest_category.htm?node' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - 'search.htm?submit string' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - 'add_contents.htm' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...