6 matches found
FLV Players 8 player.php url Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18954/info FLV Player is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
CVE-2006-3625
FLV Players 8 allows remote attackers to obtain sensitive information via 1 a direct request to paginate.php or 2 an invalid p parameter to player.php, which reveal the path in an error message...
CVE-2006-3624
Multiple cross-site scripting XSS vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to 1 player.php or 2 popup.php...
CVE-2006-3624
CVE-2006-3624 documents multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 . The issue is triggered by the url parameter to either player.php or popup.php , allowing remote injection of arbitrary script/HTML. NVD reports a CVSSv2 base score of 4.3 (MEDIUM) with network attack ve...
CVE-2006-3624
Multiple cross-site scripting XSS vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to 1 player.php or 2 popup.php...
FLVPlayer8.txt
Produce : FLV Players 8 Website : http://www.videospark.com + Fullpath Disclosure : 1 http://localhost/flv8/paginate.php Fatal error: Class simplepagemaker: Cannot inherit from undefined class object in /var/www/zero/httpdocs/flv8/paginate.php on line 45 2...