Lucene search

493 matches found

0day.today
added 2010/09/02 12:00 a.m., 28 views

Parallels Plesk Sitebuilder Persistent Xss Vulnerability

Exploit for php platform in category web applications. Parallels Plesk Sitebuilder Persistent Xss Vulnerability...

7.1 AI score
Exploits: 0

securityvulns
added 2010/07/15 12:00 a.m., 53 views

XSS vulnerability in Diem

Vulnerability ID: HTB22459 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityindiem1.html Product: Diem Vendor: Diem team Vulnerable Version: 5.1.2 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted...

0.4 AI score
Exploits: 0

exploitpack
added 2010/07/09 12:00 a.m., 11 views

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41548/info FireStats is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...

Exploits: 0

Exploit DB
added 2010/06/15 12:00 a.m., 29 views

Smart ASP Survey - Cross-Site Scripting / SQL Injection

Exploit database separated by exploit type local, remote, DoS, etc. Site: Inj3ct0r.com Support e-mail:...

7.4 AI score
Exploits: 0

Exploit DB
added 2010/06/09 12:00 a.m., 30 views

PHPAccess - SQL Injection

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:PHPAccess SQLi Vulnerability Version:n/a Vendor url:http://www.krizleebear.de Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to all ICW members PHPAccess SQLi Vulnerability Author: L0rd...

7.4 AI score
Exploits: 0

securityvulns
added 2010/06/02 12:00 a.m., 52 views

SQL injection vulnerability in Ecomat CMS

Vulnerability ID: HTB22390 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinecomatcms.html Product: Ecomat CMS Vendor: Codefabrik GmbH Vulnerable Version: 5.0 and Probably Prior Versions Vendor Notification: 18 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed,...

0.7 AI score
Exploits: 0

Check Point Advisories
added 2010/04/23 12:00 a.m., 0 views

Update Protection against IBM Lotus Domino Web Access ActiveX Controls Buffer Overflow

A vulnerability has been reported in IBM Lotus Domino, a Web browser-based client platform that provides functionality similar to that of IBM Lotus Notes. The vulnerability is due to a boundary error while handling malformed data passed to the iNotes Web Access ActiveX controls. A remote attacker...

7.6 AI score
Exploits: 0

exploitpack
added 2010/02/24 12:00 a.m., 10 views

MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities

MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38385/info MySmartBB is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

7 AI score
Exploits: 0

Fedora
added 2010/02/02 8:42 p.m., 25 views

[SECURITY] Fedora 11 Update: roundcubemail-0.3.1-2.fc11

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

5 CVSS, 0.3 AI score, 0.0026 EPSS
Exploits: 0

securityvulns
added 2010/01/19 12:00 a.m., 65 views

Blaze Apps Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is a ASP .NET 2 Content Management System. It...

Exploits: 0

Packet Storm
added 2010/01/04 12:00 a.m., 30 views

WD-CMS 3.0 XSS / File Disclosure

Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3. WD-CMS 3.0 Multiple Vulnerabiliti...

7.4 AI score
Exploits: 0

0day.today
added 2010/01/01 12:00 a.m., 26 views

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications. WD-CMS 3.0 Multiple Vulnerabilities. Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...

7.1 AI score
Exploits: 0

exploitpack
added 2009/12/01 12:00 a.m., 8 views

Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting

Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

6.8 AI score
Exploits: 0

seebug.org
added 2009/11/29 12:00 a.m., 13 views

Sugar CRM 5.5.0.RC2 and 5.2.0j Multiple Remote Vulnerabilities

No description provided by source. Author: Janek Vind 'waraxe' Vulnerable: SugarCRM SugarCRM 5.5.0.RC2 SugarCRM SugarCRM 5.2.0j Product: http://www.sugarcrm.com/crm/ Description: SugarCRM is prone to multiple remote vulnerabilities, including: 1. Multiple SQL-injection vulnerabilities 2. Multiple...

7.1 AI score
Exploits: 0

Saint
added 2009/11/06 12:00 a.m., 57 views

HP Power Manager Remote Code Execution

Added: 11/06/2009 CVE: CVE-2009-2685 BID: 36933 OSVDB: 59684 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A stack-based buffer overflow in the HP Power Manager management web server allows...

10 CVSS, 7 AI score, 0.85432 EPSS
Exploits: 9

Saint
added 2009/11/06 12:00 a.m., 360 views

HP Power Manager Remote Code Execution

Added: 11/06/2009 CVE: CVE-2009-2685 BID: 36933 OSVDB: 59684 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A stack-based buffer overflow in the HP Power Manager management web server allows...

10 CVSS, 7 AI score, 0.85432 EPSS
Exploits: 9

Exploit DB
added 2009/05/08 12:00 a.m., 24 views

Claroline 1.8.11 - '/claroline/linker/notfound.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34883/info Claroline is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

7.4 AI score
Exploits: 0

exploitpack
added 2009/04/16 12:00 a.m., 19 views

RazorCMS 0.3RC2 - Multiple Vulnerabilities

RazorCMS 0.3RC2 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers...

7.6 AI score
Exploits: 0

OpenVAS
added 2009/02/17 12:00 a.m., 27 views

Fedora Update for roundcubemail FEDORA-2008-5333

Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2008-5333 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.3 CVSS, 0.05192 EPSS
Exploits: 1, References: 2

OpenVAS
added 2009/02/17 12:00 a.m., 18 views

Fedora Update for roundcubemail FEDORA-2008-5315

Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2008-5315 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.3 CVSS, 0.05192 EPSS
Exploits: 1, References: 2