Lucene search
+L

128 matches found

exploitpack
exploitpack
added 2012/10/16 12:0 a.m.12 views

WANem - Multiple Cross-Site Scripting Vulnerabilities

WANem - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/56326/info WANem is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2012/10/02 12:0 a.m.21 views

ZenPhoto - admin-news-articles.php Cross-Site Scripting

ZenPhoto - admin-news-articles.php Cross-Site Scripting source: https://www.securityfocus.com/bid/55755/info Zenphoto is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2012/10/01 12:0 a.m.33 views

Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/55760/info Omnistar Mailer is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.57 views

DataWatch Monarch BI v5.1 admin section reflected cross-site scripting

Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a reflected cross-site scripting vulnerability because it fails to sufficientl...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2012/08/04 12:0 a.m.11 views

Open Constructor - datafileedit.php?result Cross-Site Scripting

Open Constructor - datafileedit.php?result Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2012/08/02 12:0 a.m.13 views

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2012/07/06 12:0 a.m.24 views

WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting

source: https://www.securityfocus.com/bid/54330/info Knews Multilingual Newsletters for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/04/27 12:0 a.m.22 views

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3...

0.3AI score
Exploits0
exploitdb
exploitdb
added 2012/04/27 12:0 a.m.24 views

MySQLDumper 1.24.4 - 'install.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multiple cross-site request-forgery vulnerabilities. 4. Multiple...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2012/02/28 12:0 a.m.37 views

Fork CMS 3.x - '/backend/modules/error/actions/index.php?parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52236/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...

7.4AI score
Exploits0
openvas
openvas
added 2012/02/16 12:0 a.m.31 views

11in1 Cross Site Request Forgery and Local File Include Vulnerabilities

11in1 is prone to a cross-site request-forgery and a local file include vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and open or run...

6.8CVSS6.8AI score0.09794EPSS
Exploits3References3
exploitpack
exploitpack
added 2012/01/04 12:0 a.m.14 views

Limny 3.0.1 - login.php Script Cross-Site Scripting

Limny 3.0.1 - login.php Script Cross-Site Scripting source: https://www.securityfocus.com/bid/51261/info Limny is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2011/12/13 12:0 a.m.13 views

WordPress Plugin flash-album-gallery - flagshow.php Cross-Site Scripting

WordPress Plugin flash-album-gallery - flagshow.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51031/info flash-album-gallery plug-in for WordPress is prone to a cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may...

6.7AI score
Exploits0
openvas
openvas
added 2011/11/30 12:0 a.m.14 views

Manx Multiple Cross Site Scripting and Directory Traversal Vulnerabilities

Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...

6.8AI score
Exploits0References3
exploitdb
exploitdb
added 2011/11/28 12:0 a.m.21 views

Manx 1.0.1 - '/admin/admin_blocks.php?Filename' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser...

7.4AI score
Exploits0
patchstack
patchstack
added 2011/09/26 12:0 a.m.9 views

WordPress Regular Subscriber Plugin 3.1.x - HTML Injection Vulnerability

WordPress Regular Subscriber plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal...

1.3AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2011/09/19 12:0 a.m.30 views

Toko Lite CMS 1.5.2 - HTTP Response Splitting Cross-Site Scripting

Toko Lite CMS 1.5.2 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/49673/info Toko LiteCMS is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2011/05/31 12:0 a.m.41 views

S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48054/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2011/03/31 12:0 a.m.31 views

InTerra Blog Machine 1.84 - 'subject' HTML Injection

source: https://www.securityfocus.com/bid/47104/info InTerra Blog Machine is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/10 12:0 a.m.29 views

HTB22878: XSS vulnerability in CosmoShop

Vulnerability ID: HTB22878 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...

0.5AI score
Exploits0
Rows per page
Query Builder