Lucene search
+L

737 matches found

exploitpack
exploitpack
added 2007/11/12 12:0 a.m.13 views

Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting

Miro Broadcast Machine 0.9.9 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26407/info Miro Broadcast Machine is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execut...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/12 12:0 a.m.23 views

Miro Broadcast Machine 0.9.9 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26407/info Miro Broadcast Machine is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's browser session in...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/09 12:0 a.m.21 views

FreeBSD : tikiwiki -- multiple vulnerabilities (20a4eb11-8ea3-11dc-a396-0016179b2dd5)

Secunia reports : Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and disclose potentially sensitive information. Input passed to the username parameter in tiki-remindpassword.php when...

7.5CVSS5.4AI score0.03024EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2007/11/07 12:0 a.m.76 views

Computer Associates SiteMinder - Web Agent Smpwservices.FCC Cross-Site Scripting

source: https://www.securityfocus.com/bid/26375/info Computer Associates SiteMinder Web Agent is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/11/02 12:0 a.m.12 views

Helios Calendar 1.11.2 - adminindex.php Cross-Site Scripting

Helios Calendar 1.11.2 - adminindex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26312/info Helios Calendar is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute...

6.8AI score
Exploits0
FreeBSD
FreeBSD
added 2007/10/29 12:0 a.m.26 views

wordpress -- cross-site scripting

A Secunia Advisory report: Input passed to the "postscolumns" parameter in wp-admin/edit-post-rows.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

2.6CVSS6.5AI score0.07003EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2007/10/17 12:0 a.m.44 views

phpmyadmin -- cross-site scripting vulnerability

The DigiTrust Group discovered serious XSS vulnerability in the phpMyAdmin serverstatus.php script. According to their report vulnerability can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

4.3CVSS6.4AI score0.03326EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/10/08 12:0 a.m.72 views

Directory Image Gallery XSS vuln.

Sunday, 7 October 2007 Directory Image Gallery XSS vuln. Vuln. discovered by : r0t Date: 7 October 2007 Vendor:http://splitside.net/store/index.php?mainpage=productinfo&productsid=1 affected versions:Directory Image Gallery 1.1 other versions also can be affected. Directory Image Gallery contains...

1AI score
Exploits0
FreeBSD
FreeBSD
added 2007/08/27 12:0 a.m.19 views

tikiwiki -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and disclose potentially sensitive information. Input passed to the username parameter in tiki-remindpassword.php when remi...

7.5CVSS6.8AI score0.03024EPSS
Exploits1References2
Cisco
Cisco
added 2007/08/08 4:55 p.m.21 views

Cisco Unified MeetingPlace Template Cross-Site Scripting Vulnerability

Cisco Unified MeetingPlace versions prior to 5.3.235.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability exists due to insufficient filtering of parameters by Cisco Unified MeetingPlace. An unauthenticated,...

4.3CVSS6.8AI score0.01569EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/08/03 12:0 a.m.56 views

OpenWebMail Multiple XSS vuln.

OpenWebMail Multiple XSS vuln. Vuln. discovered by : r0t Date: 2 August 2007 vendor:openwebmail.org orginal advisory: http://pridels-team.blogspot.com/2007/08/openwebmail-multiple-xss-vuln.html affected versions:2.52 20060831 and previous OpenWebMail contains multiple flaws that allows a remote...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2007/07/26 12:0 a.m.21 views

LinkedIn IE工具栏IEContextMenu控件远程溢出漏洞

BUGTRAQ ID: 25032 LinkedIn是一个联网工具,帮助用户在线寻找各类工作或业务联系人。 LinkedIn的IEToolbar.IEContextMenu.1 ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 LinkedIn工具栏的IEToolbar.IEContextMenu.1(LinkedInIEToolbar.dll)控件在处理Search方式时将VARIANT用作了varBrowser参数,如果用户受骗访问了恶意网页的话就可能触发缓冲区溢出,导致在用户浏览器会话中执行任意指令。 LinkedIn IE Toolbar...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/03/26 12:0 a.m.36 views

GLSA-200703-23 : WordPress: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200703-23 WordPress: Multiple vulnerabilities WordPress contains cross-site scripting or cross-site scripting forgery vulnerabilities reported by: g30rg3x in the 'year' parameter of the wptitle function Alexander Concha in the...

6.8CVSS5.5AI score0.07315EPSS
Exploits2References6
Exploit DB
Exploit DB
added 2007/01/05 12:0 a.m.70 views

Adobe Acrobat Reader Plugin 7.0.x - 'acroreader' Cross-Site Scripting

Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a user's browser session in context of an affected site. Example: -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/22 12:0 a.m.20 views

Oracle Portal 9i/10g - Container_Tabs.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/21717/info Oracle Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before returning it to the user. An attacker can exploit this issue to execute arbitrary HTML and script code in a userâ??s...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/12/22 12:0 a.m.12 views

Oracle Portal 9i10g - Container_Tabs.jsp Cross-Site Scripting

Oracle Portal 9i10g - ContainerTabs.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/21717/info Oracle Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before returning it to the user. An attacker can exploit this...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/09/05 12:0 a.m.26 views

FreeBSD : mailman -- Multiple Vulnerabilities (fffa9257-3c17-11db-86ab-00123ffe8333)

Secunia reports : Mailman can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS Denial of Service. 1 An error in the logging functionality can be exploited to inject a spoofed log message into the error log via a specially crafted URL. Successf...

7.5CVSS6AI score0.06425EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2006/09/01 12:0 a.m.22 views

hlstats.txt

Hello, world ; Input passed to multiple parameters in index.php isn't properly sanitised before being returned to the user. This can be exploited to execute HTML and script code in a user's browser session in context of an affected site with limitation of ' and ". This may also affect prior...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/08/31 12:0 a.m.39 views

XSS in HLstats 1.34

Hello, world ; Input passed to multiple parameters in index.php isn't properly sanitised before being returned to the user. This can be exploited to execute HTML and script code in a user's browser session in context of an affected site with limitation of ' and ". This may also affect prior...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2006/08/29 12:0 a.m.46 views

[SA21667] PmWiki Table Markups Script Insertion Vulnerability

TITLE: PmWiki Table Markups Script Insertion Vulnerability SECUNIA ADVISORY ID: SA21667 VERIFY ADVISORY: http://secunia.com/advisories/21667/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PmWiki 2.x http://secunia.com/product/6195/ DESCRIPTION: A...

0.7AI score
Exploits0
Rows per page
Query Builder