EUVD-2004-1588

Malware in sbrugna...

FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42157/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

FuseTalk 4.0 - AuthError.cfm Multiple Cross-Site Scripting Vulnerabilities

FuseTalk 4.0 - AuthError.cfm Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24564/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit...

FuseTalk 4.0 - blogincludecommoncomfinish.cfm?FTVAR_SCRIPTRUN Cross-Site Scripting

FuseTalk 4.0 - blogincludecommoncomfinish.cfm?FTVARSCRIPTRUN Cross-Site Scripting source: https://www.securityfocus.com/bid/24563/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can...

FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/24564/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch othe...

FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting

source: https://www.securityfocus.com/bid/24563/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch othe...

CVE-2004-1994

FuseTalk 4.0 allows remote attackers to ban other users via a direct request to banning.cfm...

CVE-2004-1994

FuseTalk 4.0 contains a vulnerability where remote attackers can ban other users by making a direct request to banning.cfm. The description confirms network-attack feasibility with partial availability impact but provides no specific exploit details, affected versions, root-cause analysis, or rem...

CVE-2004-1594

Cross-site scripting XSS vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag...

CVE-2004-1594

CVE-2004-1594 is an XSS vulnerability in FuseTalk 4.0 where an attacker can trigger arbitrary script execution via an image tag (img src). Public references (NVD/NIST, CVSS 2.0 base score 4.3) corroborate a web context with no authentication required and partial integrity impact. A Nessus NASL en...