570 matches found
The Gemini Portal 4.7 - Insecure Cookie Handling
The Gemini Portal 4.7 - Insecure Cookie Handling -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simp...
The Gemini Portal 4.7 - Insecure Cookie Handling
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- The Gemini Portal eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Fir...
The Gemini Portal 4.7 - 'lang' Remote File Inclusion
The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...! N0T: YALNIZLIK,...
The Gemini Portal 4.7 - lang Remote File Inclusion
The Gemini Portal 4.7 - lang Remote File Inclusion The Gemini Portal Multiple Remote File inj. version: 4.7 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home: www.z0rlu.blogspot.com contact: [email protected] contact: [email protected] N0T: TUM iSLA...
The Gemini Portal (lang) Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================== The Gemini Portal lang Remote File Inclusion Vulnerabilities ============================================================== The Gemini Portal Multiple Remote File inj. version:...
Cross site scripting
Cross-site scripting XSS vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1239
Cross-site scripting XSS vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-1239
The CVE-2006-1239 entry describes a Cross-site scripting (XSS) vulnerability in Gemini 2.0, specifically in issue/createissue.aspx where an attacker can inject arbitrary script via the rtcDescription$RadEditor1 field. The issue is confirmed by NVD data with a CVSSv2 base score of 4.3 (MEDIUM) and...
CVE-2006-1239
Cross-site scripting XSS vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
[SA19049] Gemini "rtcDescription$RadEditor1" Script Insertion Vulnerability
TITLE: Gemini "rtcDescription$RadEditor1" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19049 VERIFY ADVISORY: http://secunia.com/advisories/19049/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Gemini 2.x http://secunia.com/product/8406/...