233 matches found
Ubuntu Update for firefox vulnerabilities USN-592-1
Ubuntu Update for Linux kernel vulnerabilities USN-592-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5921.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-592-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu Update for firefox vulnerabilities USN-428-1
Ubuntu Update for Linux kernel vulnerabilities USN-428-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4281.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-428-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Nagios -- Cross Site Scripting Vulnerability
Secunia reports: A vulnerability has been reported in Nagios, which can be exploited by malicious people to conduct cross-site scripting attacks...
Debian: Security Advisory (DSA-265)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site scripting
Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks XSS via unspecified vectors...
CVE-2007-5270
Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks XSS via unspecified vectors...
FreeBSD : joomla -- multiple vulnerabilities (4872d9a7-4128-11dc-bdb0-0016179b2dd5)
A Secunia Advisory reports : joomla can be exploited to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks. Certain unspecified input passed in comsearch, comcontent and modlogin is not properly sanitised before being returned to a user. This can be...
EPortfolio 1.0 - Client-Side Input Validation
source: https://www.securityfocus.com/bid/22829/info ePortfolio is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to perform various attacks that are caused by input-validation...
PHP Link Directory XSS Vulnerability version <= 3.0.6
Smilehouse Oy -= Security Advisory =- Advisory: PHP Link Directory XSS Vulnerability Release Date: 2007/01/21 Last Modified: 2007/01/21 Authors: Jussi Vuokko, CISSP [email protected] Henri Lindberg, Associate of ISCІ [email protected] Application: PHP Link Directory = 3.0.6...
Site program-Africa SI exploits-vulnerability warning-the black bar safety net
Part I Preface Now the most popular online site attack means, to was SQL Injection, even though SI technology is easy to use, and easy to obtain greater privileges, but because of the limelight too big, now generally is a little security-conscious programmer will pay attention to this problem, an...
CVE-2006-3802
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting XSS attacks using DOM methods of the top-level object...
CMSimple < 2.4 Beta 5 'index.php?guestbook' XSS Vulnerability - Active Check
CMSimple installed is prone to cross-site scripting XSS attacks due to its failure to sanitize user-supplied input to both the search and guestbook modules. SPDX-FileCopyrightText: 2006 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
arinXSS.txt
This is a multi-part message in MIME format. --117C6D30-EC32-4CA9-A4BD-07EFF66F2B52 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Title ARIN.NET input validation holes in "?queryinput=3D" allows remote users = conduct cross-site scripting attacks...
http TRACE XSS attack
Debugging functions are enabled on the remote HTTP server. The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods which are used to debug web server connections. It has been shown that servers supporting this method are subject to cross-site-scripting...
TeeKai Tracking Online XSS
The remote host runs Teekai Tracking Online, a PHP script used for tracking the number of user's on a Web site. This version is vulnerable to cross-site scripting attacks. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity. OpenVAS...
CubeCart < 3.0.4 Multiple Script XSS
The remote version of CubeCart contains several cross-site scripting vulnerabilities due to its failure to properly sanitize user-supplied input of certain variables to the 'index.php' and 'cart.php' scripts. %NASLMINLEVEL 70300 Josh Zlatin-Amishav This script is released under the GNU GPLv2...
YaPiG <= 0.9.5b Multiple Vulnerabilities
The remote host is running YaPiG, a web-based image gallery written in PHP. According to its banner, the version of YaPiG installed on the remote host is prone to arbitrary PHP code injection and cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting
CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting source: https://www.securityfocus.com/bid/12852/info Multiple remote input validation vulnerabilities affect CoolForum. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carr...
CVE-2004-2704
Hastymail 1.0.1 and earlier stable and 1.1 and earlier development does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-si...
CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities
CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/11437/info Reportedly CoolPHP is affected by multiple remote input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input pri...