16 matches found
EUVD-2005-1495
Malware in sbrugna...
Gossamer Threads Links 2.x User.CGI Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13484/info Gossamer Threads Links is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Gossamer Threads DBMan 2.0.4 DBMan Information Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1178/info Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user without any authorization. Th...
dbmanDefault.txt
Tunis the 31/jan/2006 bug found by Fireboy [email protected] Product affected:DBMan for Windows and Unix Product vendor: http://www.gossamer-threads.com the problem with DBman is default passwords these are default pass : admin/admin,author/author,guest/guest if the admin not change the pas...
gossamerXSS.txt
Gossamer Threads Links SQL login XSS Vulnerability Class Input Validation XSS Remote Local Published / Updated Yes Yes 04th May 2005 Vulnerable Vulnerable: Gossamer Threads Links SQL v3.0 + Links SQL 2.x + Links SQL 2.2.x + Links SQL 3.0 Not Vulnerable - Discussion Links SQL is a perl/modperl/PHP...
Gossamer Threads Links user.cgi url Parameter XSS
The remote host is running Gossamer Links, a web links management tool from Gossamer Threads and written in Perl. The installed version of Gossamer Links fails to properly sanitize user-supplied input to the 'url' parameter of the 'user.cgi' script. By leveraging this flaw, an attacker may be abl...
[SA15319] Gossamer Threads Links Script Insertion Vulnerabilities
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-1492
Cross-site scripting XSS vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2005-1492
Cross-site scripting XSS vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2005-1492
The vulnerability CVE-2005-1492 affects Gossamer Threads’ Gossamer Links web links manager (Links SQL 2.x and 3.0) where the url parameter of user.cgi is not properly sanitized. The underlying issue is a cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary web script or HTM...
Gossamer Threads Links SQL login XSS Vulnerability
Gossamer Threads Links SQL login XSS Vulnerability Class Input Validation XSS Remote Local Published / Updated Yes Yes 04th May 2005 Vulnerable Vulnerable: Gossamer Threads Links SQL v3.0 + Links SQL 2.x + Links SQL 2.2.x + Links SQL 3.0 Not Vulnerable - Discussion Links SQL is a perl/modperl/PHP...
Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13484/info Gossamer Threads Links is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...
CVE-2000-0381
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter...
CVE-2000-0381
CVE-2000-0381 affects the Gossamer Threads DBMan DBMan CGI script (db.cgi). The vulnerability arises when a non-existent database is referenced via the db parameter, allowing remote attackers to view environment variables and setup information (server information leakage). The OpenVAS NASL entrie...
CVE-2000-0381
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter...
PT-2000-1324 · Gossamer Threads · Gossamer Threads Dbman
Name of the Vulnerable Software and Affected Versions: Gossamer Threads DBMan version db.cgi Description: The issue allows remote attackers to view environmental variables and setup information. This is achieved by referencing a non-existing database in the db parameter. Recommendations: For...