345 matches found
Ninja Blog 4.8 XSRF / XSS
Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at https://www.push55.co.uk/index.php?s=ad&id=7 ---- Due to insufficient validation of client-side data, we can inject script directly into the...
Ninja Blog 4.8 (CSRF/HTML Injection) Vulnerability
Exploit for unknown platform in category web applications ================================================== Ninja Blog 4.8 CSRF/HTML Injection Vulnerability ================================================== Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier...
PHPAds 2.0 Multiple Remote Vulnerabilities
No description provided by source. Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser at...
CVE-2006-3914
Cross-site scripting XSS vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before bein...
Portcullis Security Advisory 05-007
Portcullis Security Advisory Vulnerable System: Webseries Payment Application Vulnerability Title: Password Policy Implemented At Client rather than Server Vulnerability discovery and development: Portcullis Security Testing Services Affected systems: Bottomline Webseries Payment Application...