Lucene search
K

128 matches found

securityvulns
securityvulns
added 2011/03/10 12:0 a.m.28 views

HTB22878: XSS vulnerability in CosmoShop

Vulnerability ID: HTB22878 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2011/02/02 12:0 a.m.16 views

TCExam 11.1.16 - user_password Cross-Site Scripting

TCExam 11.1.16 - userpassword Cross-Site Scripting source: https://www.securityfocus.com/bid/46096/info TCExam is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

6.8AI score
Exploits0
0day.today
0day.today
added 2010/12/22 12:0 a.m.26 views

Injader CMS Multiple Vulnerabilities

Exploit for php platform in category web applications Vulnerability ID: HTB22745 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityininjadercms1.html Product: Injader CMS Vendor: http://www.injader.com/ http://www.injader.com/ Vulnerable Version: 2.4.4 Vendor Notification: 07 December 20...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/11/03 12:0 a.m.21 views

Webmedia Explorer 6.13.1 Cross Site Scripting

Vulnerability ID: HTB22661 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinwebmediaexplorer.html Product: Webmedia Explorer Vendor: Marc Salmurri http://www.webmediaexplorer.com/ Vulnerable Version: 6.13.1 and probably prior versions Vendor Notification: 19 October 2010...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2010/10/22 12:0 a.m.17 views

W-Agora 4.2.1 - search.php3?bn Traversal Local File Inclusion

W-Agora 4.2.1 - search.php3?bn Traversal Local File Inclusion source: https://www.securityfocus.com/bid/44370/info w-Agora is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/08/17 12:0 a.m.152 views

XSS vulnerability in CMSimple

Vulnerability ID: HTB22558 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincmsimple.html Product: CMSimple Vendor: Peter Andreas Harteg http://www.cmsimple.org/ Vulnerable Version: 3.3 and Probably Prior Versions Vendor Notification: 02 August 2010 Vulnerability Type: XSS Cross Site...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2010/08/08 12:0 a.m.47 views

XSS vulnerability in Amethyst

Vulnerability ID: HTB22501 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst1.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor Notification: 22 July 2010...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/16 12:0 a.m.49 views

DSite CMS 4.81 Cross Site Scripting

Vulnerability ID: HTB22465 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityindsitecms.html Product: DSite CMS Vendor: Media Programming Group http://www.dsite.ru Vulnerable Version: 4.81 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...

7AI score
Exploits0
exploitpack
exploitpack
added 2010/06/22 12:0 a.m.19 views

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/41043/info SoftComplex PHP Event Calendar is prone to multiple remote security vulnerabilities including cross-site scripting, HTML-injection, directory-traversal, and cross-site...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/22 12:0 a.m.19 views

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/41043/info SoftComplex PHP Event Calendar is prone to multiple remote security vulnerabilities including cross-site scripting, HTML-injection, directory-traversal, and cross-site request-forgery issues. Attackers can exploit these issues to obtain sensiti...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/05/10 12:0 a.m.11 views

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2010/05/04 12:0 a.m.10 views

osCommerce Local File Include and HTML Injection Vulnerabilities

osCommerce is prone to a local file-include vulnerability and an HTML- injection vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to execute local files within the context of t...

7.2AI score
Exploits0References3
Exploit DB
Exploit DB
added 2010/04/27 12:0 a.m.18 views

ProArcadeScript - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/15 12:0 a.m.12 views

Axon Virtual PBX 2.13 Multiple Remote Vulnerabilities

NCH Software Axon virtual PBX is prone to multiple remote vulnerabilities, including: - A cross-site scripting vulnerability. - A cross-site request forgery vulnerability. - An arbitrary file deletion vulnerability. - A directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG...

6.9AI score
Exploits0References1
Exploit DB
Exploit DB
added 2010/03/23 12:0 a.m.56 views

RepairShop2 - 'index.php?Prod' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38907/info RepairShop 2 is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/02/18 12:0 a.m.12 views

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attack...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/02/16 12:0 a.m.28 views

Extreme Mobster - 'login' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38265/info Extreme Mobster is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/27 12:0 a.m.42 views

SAP BusinessObjects 12 - URI redirection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/37972/info SAP BusinessObjects is prone to multiple URI-redirection issues and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to execute arbitrary script or HTML code,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/01/06 12:0 a.m.7 views

D-Link DKVM-IP8 - auth.asp Cross-Site Scripting

D-Link DKVM-IP8 - auth.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/37646/info D-LINK DKVM-IP8 is prone to a cross-site scripting vulnerability because the device's web interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/31 12:0 a.m.23 views

DieselPay 1.6 - Cross-Site Scripting / Directory Traversal

source: https://www.securityfocus.com/bid/37564/info DieselPay is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these vulnerabilities to obtain sensitive information,...

7.4AI score
Exploits0
Rows per page
Query Builder