17 matches found
timetrex-xss.txt
HSC TimeTrex Time and Attendance Cookie Theft TimeTrex allows companies to track and monitor employee attendance accurately in real-time from anywhere in the world. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
SchoolCenter URL Handling Cross Site Scripting Vulnerability
SchoolCenter URL Handling Cross Site Scripting Vulnerability A vulnerability has been identified in SchoolCenter Software, which could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary code that can be executed by the user's browser in the security context of an...
schoolcenter-xss.txt
SchoolCenter URL Handling Cross Site Scripting Vulnerability A vulnerability has been identified in SchoolCenter Software, which could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary code that can be executed by the user's browser in the security context of an...
XEROX DocuShare URL XSS Injection Vulnerabilities
XEROX DocuShare URL XSS Injection Vulnerabilities Xerox DocuShare is a flexible Web-based content management solution that brings greater productivity to every knowledge worker. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
xerox-xss.txt
XEROX DocuShare URL XSS Injection Vulnerabilities Xerox DocuShare is a flexible Web-based content management solution that brings greater productivity to every knowledge worker. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities
HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...
simple-xss.txt
HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...
iportalx-xss.txt
HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
MySpace Scripts - Poll Creator JavaScript Injection Vulnerability
HSCMySpace Scripts - Poll Creator JavaScript Injection Vulnerability Our MySpace Poll Creator script is the ultimate addition to your MySpace resource site. The script enables your user to quickly and easily create a poll that they can post to profile or bulletin to all their friends. Everyone...
omnistar-xss.txt
HSC Omnistar Live Software Cross-Site Scripting Vulrnability Omnistar Live is web based PHP help desk software used by webmasters that combines live chat and helpdesk software in one easy to use solution. Our customer service software combines ticketed support web and email based, live chat and a...
eGov Content Manager Cross Site Scripting Vulrnability
HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...
boinc-xss.txt
HSC Boinc Forum Cross Site Scripting Vulrnability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
Invision Power Board D22-Shoutbox HTML Injections
HSC Invision Power Board D22-Shoutbox HTML Injections D22-Shoutbox suffers from improper validation of HTMl tags filtration. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the...
sitecatalyst-xss.txt
Hackers Center Security Group http://www.hackerscenter.com/ Doz's Security Advisory Desc: SiteCatalyst Web Login Cross Site Vulrnabilities Risk: Medium Omniture, Inc aims its aperture at your Web site. The company provides Internet analytic software and services to corporate customers such as AOL...
vis.pl.txt
Hackers Center Security Group http://www.hackerscenter.com/ spher3's Security Advisory Multiple transversal bug in vis.pl -------------------------------------------------------------------------- Description: Vis.pl is a perl script which manages files in order to show these; you can find it in...
cartWIZxss.txt
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: XSS in CartWIZ Risk: Medium Cookie stealing store/viewCart.asp?message=%3Cplaintext%3E allows anyone to retrieve cookie and take control over the account. I noticed there are also some unchecked input when...
[HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: Maxwebportal 1.3.5 and prior Risk: High MaxWebPortal is probably the most spread ASP based web portal script. I've found multiple XSS and Sql injection that could easily lead to password strealing or porta...