Snitz Forums 2000 post.asp type Parameter XSS

The remote host is running Snitz Forums 2000, a web-based electronic forum written in ASP. The version of Snitz Forums 2000 installed on the remote host fails to sanitize the 'type' parameter before using it in the 'post.asp' script to generate dynamic content. By leveraging this flaw, an attacke...

phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure

to be used with cookie stealer located here: http://www.milw0rm.com/id.php?id=1103 https://www.exploit-db.com/exploits/1103/ Make sure you change www.milw0rm.com to your domain. thnx. /str0ke Author: threesixthousan / As long as html is ON in the latest version of phpBB forums, several XSS attack...

ASPThai Forums 8.0 - 'login.asp' SQL Injection

source: https://www.securityfocus.com/bid/16404/info ASPThai Forums is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise...

ASPThai Forums 8.0 - login.asp SQL Injection

ASPThai Forums 8.0 - login.asp SQL Injection source: https://www.securityfocus.com/bid/16404/info ASPThai Forums is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

Cross site scripting

Cross-site scripting XSS vulnerability in searchform.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2006-0175

Cross-site scripting XSS vulnerability in searchform.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2005-4646

Technical details about CVE-2005-4646 are not provided in the given documents; no affected product, version, or remediation is specified. Monitor for updates.

CVE-2006-0175

Cross-site scripting XSS vulnerability in searchform.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2005-4647

Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the 1 forumsId and 2 topicId parameters in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

CVE-2005-4647

CVE-2005-4647 affects PEARLINGER Pearl Forums 2.4. the vulnerability is an SQL injection in index.php via the forumsId and topicId parameters. root cause: insufficient input sanitization allows remote attackers to craft SQL commands. Impact per available data: partial confidentiality, integrity, ...

CVE-2006-0175

CVE-2006-0175 is an XSS in Web Wiz Forums 6.34 where the search parameter processed by search_form.asp can inject arbitrary script/HTML. Affected component: the search parameter handling in Web Wiz Forums 6.34. Exploitation details in the connected sources are limited to a remote attacker inducin...

CVE-2005-4646

Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

[Full-disclosure] Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp)

--Security Report-- Advisory:XSS vulnerability on WebWiz Forums = 6.34 searchform.asp --- Date: 08/01/06 07:19 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- About: Via this method the WebWiz Forums = 6.34 are being subjected to an attack namely XSS attack...

webwiz634.txt

--Security Report-- Advisory:XSS vulnerability on WebWiz Forums = 7.01 Regards, From the NWPX team, nuker a.k.a nukedx...

WebWiz Forums - Search_form.asp Cross-Site Scripting

WebWiz Forums - Searchform.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16196/info WebWiz Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue ...

WebWiz Forums - 'Search_form.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16196/info WebWiz Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

CVE-2005-4646

Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

CVE-2005-4647

Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the 1 forumsId and 2 topicId parameters in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

CVE-2005-4485

Multiple cross-site scripting XSS vulnerabilities in ProjectApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the keywords parameter to 1 forums.asp, 2 searchemployees.asp, 3 cat.asp, and 4 links.asp; 5 projectid parameter to pmprojects.asp, 6 retpage parameter...

CVE-2005-4030

SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows remote attackers to execute arbitrary SQL commands via the HTTPUSERAGENT header...