SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities

netVigilance Security Advisory 70 SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header, multip...

CVE-2007-5012

Cross-site scripting XSS vulnerability in picture.php in PhpWebGallery 1.7.0, when Comments for all is enabled, allows remote attackers to inject arbitrary web script or HTML via the author parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

CVE-2007-5012

Cross-site scripting XSS vulnerability in picture.php in PhpWebGallery 1.7.0, when Comments for all is enabled, allows remote attackers to inject arbitrary web script or HTML via the author parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

Only allow basic formatting macros in comments

Currently it is possible for users with create comments permission to embed macros in these comments. This is a security risk and unnecessary/unwanted feature. Should a macro contain security vulnerability, we can't rely on the fact that only trusted users whom we given permission to create/edit...

FreeBSD : wordpress -- unmoderated comments disclosure (6a31cbe3-1695-11dc-a197-0011098b2f36)

Blogsecurity reports : An attacker can read comments on posts that have not been moderated. This can be a real security risk if blog admins are using unmoderated comments comments that have not been made public to hide sensitive notes regarding posts, future work, passwords etc. So please be...

Security level for attachments and screenshots

Discussing inside the team issues reported to JIRA by customers, we can hide from them our in-team comments, but cannot do it to attachments and screen-shots...

Security level for attachments and screenshots

Discussing inside the team issues reported to JIRA by customers, we can hide from them our in-team comments, but cannot do it to attachments and screen-shots...

Design/Logic Flaw

Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...

CVE-2007-4072

Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...

CVE-2007-4063

Multiple cross-site request forgery CSRF vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to 1 delete comments, 2 delete content revisions, and 3 disable menu items as privileged users, related to improper use of HTTP GET and the Forms API...

CVE-2007-4072

Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...

Authentication flaw

geoBlog aka BitDamaged 1 does not require authentication for 1 deletecomment.php, 2 deleteblog.php, and 3 listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter...

CVE-2007-4047

geoBlog aka BitDamaged 1 does not require authentication for 1 deletecomment.php, 2 deleteblog.php, and 3 listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter...

GeoBlog MOD_1.0 - deletecomment.php?id Arbitrary Comment Deletion

GeoBlog MOD1.0 - deletecomment.php?id Arbitrary Comment Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploi...

GeoBlog MOD_1.0 - deleteblog.php?id Arbitrary Blog Deletion

GeoBlog MOD1.0 - deleteblog.php?id Arbitrary Blog Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit thes...

Geoblog v1 administrator bypass

Geoblog v1. A vulnerability exists in geoblog version 1 latest that allows users to delete other peoples comments without administration credentials. It works on blogs too. Users can delete blogs without user credentials. The reason why is because the listcomments.php and deletecomments.php files...

GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion

source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs and comments regardless of the...

Code injection

PHPIDS before 20070703 does not properly handle 1 arithmetic expressions and 2 unclosed comments, which allows remote attackers to inject arbitrary web script...

CVE-2007-3578

PHPIDS before 20070703 does not properly handle 1 arithmetic expressions and 2 unclosed comments, which allows remote attackers to inject arbitrary web script...

flack123 buffer overflow

Stack-based buffer overflow on Vorbis comments parsing...