PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17688/info phpWebFTP is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input using the HTTP 'POST' method when submitting a...

CartWIZ 1.10 Access.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13338/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...

Asn Guestbook 1.5 - header.php version Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...

Scoop 1.1 RC1 Missing Story Error XSS

No description provided by source. source: http://www.securityfocus.com/bid/16014/info Scoop is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

ASPNuke 0.80 register.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14062/info ASPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficent input validation, it is possible to include files located on a remote...

MVNForum 1.0 Search Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

Pyrox Search 1.0.5 Newsearch.PHP Whatdoreplace Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14343/info A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages. ...

Seagate BlackArmor NAS sg2000-2000.1331 Cross Site Scripting

Exploit Title: Seagate BlackArmor NAS - Multiple Persistent Cross Site Scripting Vulnerabilities Google Dork: N/A Date: 04-01-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.seagate.com/ Software Link: http://www.seagate.com/support/downloads/item/banas-220-firmware-master-dl...

Code::Blocks - Denial of Service

Code::Blocks - Denial of Service source: https://www.securityfocus.com/bid/60208/info Code::Blocks is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users. Due to the nature of this issue,...

[SECURITY] Fedora 18 Update: drupal7-rules-2.3-1.fc18

The rules modules allows site administrators to define conditionally execut ed actions based on occurring events known as reactive or ECA rules. It's a replacement with more features for the trigger module in core and the successor of the Drupal 5 workflow-ng module...

GetSimple Plugins - The Photo Gallery Timthumb Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

persistent xss through flash swf file attachment download

It is possible to upload a flash swf file which when the attachment 'download' url is visited the flash swf file is executed in the browser and as such can use ExternalInterface.call method to inject javascript defined in the swf file into the browser...

Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities

This host is running Oracle GlassFish Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboracleglassfishservermultvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities Authors: Sooraj KS Copyright: Copyright c 20...

INSECT Pro 2.7 - Penetration testing tool download

INSECT Pro 2.7 - Penetration testing tool download INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solutionis designed to allow organizations of all sizes mitigate, monitor and manage the latest security threats vulnerabilities and implement active...

MemHT Portal 4.0.1 Cross Site Scripting

===================================== Vulnerability ID: HTB22663 Reference: http://www.htbridge.ch/advisory/storedxsscrosssitescriptingvulnerabilityinmemhtportal.html Product: MemHT Portal Vendor: Miltenovik Manojlo http://www.memht.com/ Vulnerable Version: 4.0.1 and probably prior versions Vendo...

Cross-site Request Forgery (CSRF) Vulnerabilities in BlogBird

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BlogBird which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in BlogBird 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting

Exploit Title: Joomla Component RSComments 1.0.0 Multiple XSS Vulnerabilities Date: 18 May 2010 Author: jdc Software Link: http://www.rsjoomla.com Version: 1.0.0 Tested on: PHP5, MySQL5 Name Field Persistent XSS -------------------------...

Code injection

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...