3872 matches found
CVE-2006-1434
Cross-site scripting XSS vulnerability in inscription.php in Annuaire Directory 1.0 allows remote attackers to inject arbitrary web script or HTML via the Comment Field COMMENTAIRE parameter...
CVE-2006-1554
Cross-site scripting XSS vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment...
CVE-2006-1554
Cross-site scripting XSS vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment...
Cross site scripting
Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...
CVE-2006-1143
Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...
CVE-2006-1143
Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...
CVE-2006-1127
Cross-site scripting XSS vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For XFORWARDEDFOR HTTP header, which is not properly handled when adding a comment to an album...
sBlog_0.72_xss.txt
sBlog 0.7.2 == Multiple Cross-Site Scripting Vulnerability =================================== Information of Software: Software: sBlog 0.7.2 Site: http://servous.se/ Description: sBlog is a simple and new PHP Blog. Is very very simple and it's use by newbie of PHP...
CVE-2006-1012
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment...
CVE-2006-1012
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment...
CVE-2006-0985
Multiple cross-site scripting XSS vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 website, and 3 comment parameters...
DEBIAN-CVE-2006-0985
Multiple cross-site scripting XSS vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 website, and 3 comment parameters...
guestbook06.txt
author.: l0om - www.excluded.org product: guestbox latest non-BETA 0.6 page: http://spring.realone.ch dork: "Login - Guestbox 0.6" inurl:guestbox.php someone asked me to check the guestbook named "guestbox" and thats the advisory based on my checks. 1.0 everyone can set admin comments to all...
CVE-2006-0859
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...
Design/Logic Flaw
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...
CVE-2006-0859
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...
CVE-2006-0859
CVE-2006-0859 affects Michael Salzer Guestbox 0.6 and earlier versions up to 0.7/0.8 pre-release? It describes a vulnerability where remote attackers can post an admin comment to a guestbook entry via a modified form, possibly related to the nummer parameter. The connected sources corroborate the...
siteframe_5.0.2_xss.txt
Siteframe Beaumont 5.0.2 == User Comment Cross-Site Scripting Vulnerability Information of Software: Software: Siteframe Beaumont 5.0.1a Site: http://www.siteframe.org/ Description of software: Siteframe is a lightweight content-management system designed for the rapid deployment of community-bas...
[SA18924] PerlBLOG Multiple Vulnerabilities
TITLE: PerlBLOG Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18924 VERIFY ADVISORY: http://secunia.com/advisories/18924/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting WHERE: From remote SOFTWARE: PerlBLOG 1.x http://secunia.com/product/8128/ DESCRIPTION: Aliaksand...
Cross site scripting
Cross-site scripting XSS vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via the comment field...