A Forms 1.4.0 - a-forms.php a_form_shortcode Function Multiple Parameter XSS

The A Forms WordPress plugin was affected by an a-forms.php aformshortcode Function Multiple Parameter XSS security vulnerability...

A Forms 1.4.0 - a-forms.php a_form_section_page Function message Parameter XSS

The A Forms WordPress plugin was affected by a a-forms.php aformsectionpage Function message Parameter XSS security vulnerability...

Easy Contact Forms Export 1.1.0 - Information Disclosure

The easy-contact-forms-exporter WordPress plugin was affected by an Information Disclosure security vulnerability...

WordPress Infusionsoft Gravity Forms Add-on Plugin <= 1.5.6 - XSS

This plugin is prone to a cross site scripting vulnerability. Solution Update the plugin...

CVE-2014-5022

Cross-site scripting XSS vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field...

UBUNTU-CVE-2014-5022

Cross-site scripting XSS vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field...

CVE-2014-4599

Multiple cross-site scripting XSS vulnerabilities in forms/search.php in the WP-Business Directory wp-ttisbdir plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 searchterm, 3 pageid, 4 page, or 5 pagelinks parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in forms/search.php in the WP-Business Directory wp-ttisbdir plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 searchterm, 3 pageid, 4 page, or 5 pagelinks parameter...

Kloxo-MR 6.5.0 - CSRF Vulnerability

No description provided by source. Exploit Title :Kloxo-MR 6.5.0 CSRF Vulnerability Vendor Homepage :https://github.com/mustafaramadhan/kloxo/tree/dev Version :Kloxo-MR 6.5.0.f-2014020301 Tested on :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com...

IBM Forms Viewer - Unicode Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include REXML include...

XAMPP <= 1.7.3 multiple vulnerabilites

No description provided by source. / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] -----------------------------------...

CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...

Wordpress Easy Contact Forms Export Plugin 1.1.0 Information Disclosure Vulnerability

No description provided by source. Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins : http://downloads.wordpress.org/plugin/easy-contact-forms-exporter.zip Date ...

IBM OmniFind CSRF Vulnerability

No description provided by source. The forms in the administrator interface are not protected against XSRF. The attacker can do any action in the context of the victim. An example attack scenario could be: The attacker creates a malicious website with a prepared form to add a new user, which will...

SourceBans 1.4.7 XSS Vulnerability

No description provided by source. Exploit Title: SourceBans Version 1.4.7 XSS Google Dork: inurl:sourcebans/index.php?p=submit Date: Feb. 9th 2011 Author: Sw1tCh Software Link: http://www.sourcebans.net/ Version: 1.4.7 Info: SourceBans is an application for managing publicly the banned users for...

Oracle Forms 10g/ 6i/9i/4.5.10/5.0/6.0.8 Services Unauthorized Form Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14319/info Oracle Forms Services is susceptible to an unauthorized form execution vulnerability. Attackers may exploit this vulnerability to execute arbitrary commands with the privileges of the Oracle account under which...

Joomla Component n-forms 1.01 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Mambot Component n-forms Blind SQL Injection Exploit \n; print Author:The Moorish :D \n; print Greetz:Team-dz,His0k4,x.CJP.x,Kader11000,c02,piRAte DIgitAL\n; print...

WordPress MM Forms Community plugin <= 1.2.3 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress MM Forms Community plugin = 1.2.3 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/mm-forms-community.zip Version: 1.2.3 test...

Jenkins 1.523 - Inject Persistent HTML Code

No description provided by source. 01. Advisory Information Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Information...

SpagoBI 4.0 - Persistent HTML Script Insertion

No description provided by source. 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability...