35 matches found
EUVD-2006-4287
Malware in sbrugna...
EUVD-2006-3146
Malware in sbrugna...
EUVD-2012-3737
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2012-3790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web...
CVE-2012-3790
Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action...
CVE-2002-1894
Cross-site scripting XSS vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
GHSA-V3FG-X8JW-M974 Fork CMS XSS via Highlight Parameter
Cross-site scripting XSS vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
Fork CMS XSS via Highlight Parameter
Cross-site scripting XSS vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 stats/index.php or 2 newsletters/edition.php or the 3 username parameter to users/remindpassword.php, 4 days parameter to...
CVE-2012-5193
Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 stats/index.php or 2 newsletters/edition.php or the 3 username parameter to users/remindpassword.php, 4 days parameter to...
VulnCheck KEV: CVE-2004-1315
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...
phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)
A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...
UBUNTU-CVE-2012-3790
Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action...
CVE-2012-3790
Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action...
CVE-2012-1209
Cross-site scripting XSS vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter...
CVE-2009-4780
Multiple cross-site scripting XSS vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter in a sitemap action, 2 the search parameter in a search action, 3 the taggingid parameter in a search action, 4 the...
phpBB viewtopic.php Arbitrary Code Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'phpBB...
Sql injection
Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 sortmode parameter to wiki/listpages.php and the 2 highlight parameter to search/index.php. NOTE: the researcher also reported injection via JavaScript code in...