Lucene search
K

11 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Flyspray 0.9.9 - Information Disclosure, HTML Injection, and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28076/info Flyspray is prone to an information-disclosure issue, an HTML-injection issue, and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may levera...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2008/03/05 11:0 p.m.20 views

CVE-2008-1165

Multiple cross-site scripting XSS vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote attackers to inject arbitrary web script or HTML via 1 a forced SQL error message or 2 oldvalue and newvalue database fields in task summaries, related to the itemsummary parameter in a details action...

6.1AI score0.01022EPSS
Exploits0References3
exploitpack
exploitpack
added 2008/03/03 12:0 a.m.11 views

Flyspray 0.9.9 - Information DisclosureHTML Injection Cross-Site Scripting

Flyspray 0.9.9 - Information DisclosureHTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/28076/info Flyspray is prone to an information-disclosure issue, an HTML-injection issue, and multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/03 12:0 a.m.12 views

Flyspray 0.9.9 - Information Disclosure/HTML Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/28076/info Flyspray is prone to an information-disclosure issue, an HTML-injection issue, and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues determine valid...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2007/12/20 12:46 a.m.31 views

CVE-2007-6461

Multiple cross-site scripting XSS vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via 1 the query string in an index action, related to the savesearch JavaScript function; and 2 the details parameter in a details action,...

4.3CVSS5.9AI score0.01056EPSS
Exploits0References1
Prion
Prion
added 2007/03/31 10:19 a.m.20 views

Authentication flaw

Flyspray 0.9.9, when outputbuffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request...

6.8CVSS7AI score0.0126EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/03/31 10:19 a.m.21 views

CVE-2007-1788

Flyspray 0.9.9, when outputbuffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request...

6.8CVSS6.7AI score0.0126EPSS
Exploits0References4
NVD
NVD
added 2007/03/31 10:19 a.m.15 views

CVE-2007-1789

Flyspray 0.9.9 allows remote attackers to obtain sensitive information private project summaries via direct requests...

6.8CVSS6.2AI score0.01228EPSS
Exploits0References5
Prion
Prion
added 2007/03/31 10:19 a.m.20 views

Information disclosure

Flyspray 0.9.9 allows remote attackers to obtain sensitive information private project summaries via direct requests...

6.8CVSS6.4AI score0.01228EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/31 10:19 a.m.29 views

CVE-2007-1789

Flyspray 0.9.9 allows remote attackers to obtain sensitive information private project summaries via direct requests...

6.8CVSS5.9AI score0.01228EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/03/31 10:0 a.m.20 views

CVE-2007-1789

Flyspray 0.9.9 allows remote attackers to obtain sensitive information private project summaries via direct requests...

6.2AI score0.01228EPSS
Exploits0References5
Rows per page
Query Builder