Lucene search
+L

340 matches found

exploitpack
exploitpack
added 2009/12/12 12:0 a.m.12 views

ZeeCareers 2.x - PHP HR Manager Website (Cross-Site Scripting Authentication Bypass)

ZeeCareers 2.x - PHP HR Manager Website Cross-Site Scripting Authentication Bypass Title: ZeeCareers v2x - PHP HR Manager Website XSS / Auth Bypass Date: 12/12/2009 Author: bi0 Software Link: http://www.zeecareers.com/ Version: 2x CVE : Code : /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \...

0.3AI score
Exploits0
Prion
Prion
added 2009/09/24 4:30 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 important parameter to editprofile.php and 2 pid parameter to report.php...

4.3CVSS6.1AI score0.01573EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/09/24 4:0 p.m.18 views

CVE-2009-3359

Multiple cross-site scripting XSS vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 important parameter to editprofile.php and 2 pid parameter to report.php...

5.8AI score0.01573EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2009/06/12 12:0 a.m.31 views

4images 1.7.7 Bypass / Cross Site Scripting

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=- --------------------------------------------------------------------------------- ; Magic quotes...

Exploits0
seebug.org
seebug.org
added 2008/11/12 12:0 a.m.15 views

Pre Real Estate Listings File Upload Vulnerability

No description provided by source. Pre Real Estate Listings login.php ByPass /File Upload Script:Pre Real Estate Listings HomePage:http://preproject.com/ Demo:http://preproject.com/ulisting/ Author:BackDoor By Pass Exploit: http://victim.com/scriptpath/login.php username:'or' password:'or' Live...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/10/09 12:0 a.m.11 views

Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability

No description provided by source. Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/07/25 4:41 p.m.28 views

CVE-2008-3325

Cross-site request forgery CSRF vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page...

6CVSS5.9AI score0.01058EPSS
Exploits0References1
seebug.org
seebug.org
added 2008/07/14 12:0 a.m.16 views

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

No description provided by source. ================================================= MFORUM 0.1a Arbitrary Add-Admin Vulnerability ================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/09/21 12:0 a.m.141 views

PhpBB Xs 2 profile.php Permanent Xss Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ PhpBB Xs 2 profile.php Permanent Xss Vulnerability +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Found By Seph1roth +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ POST METHOD Corrupted page:...

1.9AI score
Exploits0
Prion
Prion
added 2007/06/26 11:30 p.m.22 views

Design/Logic Flaw

The 1 login, 2 admin profile edit, 3 reminder, 4 edit profile, 5 profile view, 6 gallery view, 7 gallery comment, and 8 gallery feedback capabilities in web-app.org WebAPP before 0.9.9.7 do not verify presence of users in memberlist.dat, which has unknown impact and remote attack vectors...

7.5CVSS7.3AI score0.01126EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2007/03/02 9:18 p.m.13 views

Cross site scripting

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to 1 the query string, 2 Profiles, 3 the Forum Post icon field, 4 the Edit Profile, and 5 the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting XSS...

5.8CVSS6.6AI score0.01107EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2007/03/02 9:18 p.m.3 views

CVE-2007-1181

WebAPP before 0.9.9.5 passes 1 Unused Informations and 2 the username through Edit Profile forms, which has unknown impact and attack vectors...

5CVSS5.4AI score0.01076EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2007/03/02 9:18 p.m.4 views

CVE-2007-1177

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to 1 the query string, 2 Profiles, 3 the Forum Post icon field, 4 the Edit Profile, and 5 the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting XSS...

5.8CVSS5.2AI score0.01107EPSS
Exploits0References9
NVD
NVD
added 2007/03/02 9:18 p.m.15 views

CVE-2007-1177

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to 1 the query string, 2 Profiles, 3 the Forum Post icon field, 4 the Edit Profile, and 5 the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting XSS...

5.8CVSS6.2AI score0.01107EPSS
Exploits0References8
Prion
Prion
added 2007/03/02 9:18 p.m.16 views

Design/Logic Flaw

WebAPP before 0.9.9.5 passes 1 Unused Informations and 2 the username through Edit Profile forms, which has unknown impact and attack vectors...

5CVSS7.2AI score0.01076EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/02/28 4:0 p.m.24 views

CVE-2007-1181

WebAPP before 0.9.9.5 passes 1 Unused Informations and 2 the username through Edit Profile forms, which has unknown impact and attack vectors...

6.6AI score0.01076EPSS
Exploits0References5
Prion
Prion
added 2006/06/07 10:2 a.m.12 views

Deserialization of untrusted data

profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action...

5CVSS7.3AI score0.09364EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2006/06/07 10:2 a.m.14 views

CVE-2006-2896

profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action...

5CVSS6.7AI score0.09364EPSS
Exploits0References7
CVE
CVE
added 2006/01/04 11:0 a.m.39 views

CVE-2005-4613

Technical details for CVE-2005-4613 are not publicly available in the provided documents; the materials include only a general description of an XSS issue in VUBB alpha rc1. Monitor for updates.

4.3CVSS6AI score0.01164EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-1863

Multiple cross-site scripting XSS vulnerabilities in XMB aka extreme message board 1.9 beta aka Nexus beta allow remote attackers to inject arbitrary web script or HTML via 1 the u2uheader parameter in editprofile.php, the restrict parameter in 2 member.php, 3 misc.php, and 4 today.php, and 5 an...

4.3CVSS5.8AI score0.02103EPSS
Exploits0References8
Rows per page
Query Builder