3856 matches found
Opera 7.0 Error Message History Disclosure Weakness
No description provided by source. source: http://www.securityfocus.com/bid/6759/info It has been reported that Opera fails to ensure that a remote site has proper authorization before executing some methods used to access error messages stored in the Opera console. This issue is further...
M-TECH P-Synch 6.2.5 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7740/info Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request will cause...
TOPO 1.41 Remote Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6768/info It has been reported that TOPo may return information to users that is sensitive in nature. Under some circumstances, it is possible to produce an error message that reveals information about web directory...
BlueFace Falcon Web Server 2.0 Error Message Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5435/info Falcon Webserver does not sufficiently sanitize HTML tags from error message output. In particular, attackers may inject HTML into 301 and 404 error pages. It is possible to create a malicious link to the server...
Symantec Norton Internet Security 2003 6.0.4 .34 Error Message Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8904/info It has been reported that Symantec Norton Internet Security is prone to a cross-site scripting vulnerability. The issue is reported to exist when the software blocks a restricted website and an error message...
Opera Web Browser 7.5 Resource Detection Weakness
No description provided by source. source: http://www.securityfocus.com/bid/10961/info Opera Web Browser is prone to a security weakness that may permit an attacker to determine the existence of resources on a vulnerable computer. An attacker can use an IFRAME that is accessible within the same...
FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11407/info FuseTalk Forum is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks. The cause of these issues is insufficient...
Sage 1.0 beta 3 Content Management System Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6893/info Sage Content Management System contains a path disclosure vulnerability. When a request is made for a module that does not exist, the returned error message contains the full path to the Sage installation...
PEamp (.mp3) Memory Corruption PoC
No description provided by source. Title: PEamp .mp3 Memory Corruption PoC Author: Ayrbyte Link: http://www.softpedia.com/get/Multimedia/Audio/Audio-Players/mp3player.shtml Version: v1.02b Tested on: Windows 7 Fb: facebook.com/Ayrbyte Greetz To : all CREMY Family, and for all indonesian indonesian...
Virtual Hosting Control System 2.2/2.4 Error Message Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15538/info Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hostile HTML and script code into the browser...
Aestiva HTML/OS 2.4 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular,...
TIPS MailPost 5.1.1 Error Message Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and scri...
Floosietek FTGate Mail Server 1.2 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10059/info It has been reported that FTGate is prone to a server path disclosure vulnerability. This issue is due to an ill-conceived error message that includes the server path. These issues may be leveraged to gain...
myBloggie 2.1.2/2.1.3 addcat.php errormsg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Round Cube Webmail 0.1 -20051021 Path Disclosure Weakness
No description provided by source. source: http://www.securityfocus.com/bid/15920/info Round Cube will reportedly reveal its installation path in an error message output to the client. The filesystem layout can be sensitive information that is useful in other attacks against the target server. Th...
RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String
No description provided by source. source: http://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an attacker to execute arbitrary code on a...
Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/194/info A GET request that specifies a nonexistent file with an IISAPI-registered extension (i.e. .pl, .idq) will cause the IIS server to return an error message that includes the full path of the root web server directory...
PAFileDB 3.1 Error Message Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11817/info paFileDB is prone to an installation path disclosure. If invalid requests are made to certain scripts, the installation path is included in the returned error message...
PY Software Active Webcam 4.3 Webserver Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9261/info A vulnerability has been reported to be present in the software that may allow a remote attacker to execute HTML or script code in a user's browser. It has been reported that the problem arises when the software...
CGIScript.net csPassword.CGI 1.0 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4887/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. A vulnerability has been reported in the csPassword.cgi script developed by CGIScript.net that discloses...