SUSE CVE-2006-3548

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a 1 javascript URI or an external 2 http, 3 https, or 4 ftp URI in the url parameter in services/go.php a...

Woltlab Burning Board多个输入验证漏洞

BUGTRAQ ID: 34057 WoltLab Burning Board是一款可自定义的论坛程序。 WoltLab Burning Board没有执行任何有效性检查便允许用户通过HTTP请求执行某些操作，如果登录用户访问了恶意网页便可以将保密消息移动到回收站。 WoltLab Burning Board的wcf/acp/dereferrer.php模块没有验证对url参数的输入便返回给了用户，远程攻击者可以通过提交恶意请求导致在用户浏览器会话中执行任意HTML和脚本代码。 Woltlab Burning Board 3.0.x 厂商补丁： Woltlab -------...

FreeBSD : horde -- various problems in dereferrer (e94cb43d-0c4a-11db-9016-0050bf27ba24)

Horde 3.1.2 release announcement : Security Fixes : - Closed XSS problems in dereferrer IE only, help viewer and problem reporting screen. - Removed unused image proxy code from dereferrer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

horde -- various problems in dereferrer

Horde 3.1.2 release announcement: Security Fixes: Closed XSS problems in dereferrer IE only, help viewer and problem reporting screen. Removed unused image proxy code from dereferrer...