Joomla_1.6.0-Alpha2 XSS Vulnerabilities

No description provided by source. Title:Joomla1.6.0-Alpha2 XSS Vulnerabilities Date: 2010-05-02 Author: mega-itec.com Software Link: http://joomlacode.org/gf/download/frsrelease/11322/45252/Joomla1.6.0-Alpha2-Full-Package.zip Version: 1.6.0-alpha2 Tested on: relevant os CVE : Code :...

DoceboLMS 4.0.4 - Multiple Stored XSS Vulnerabilities

No description provided by source. !-- DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities Vendor: Docebo Product web page: http://www.docebo.org Affected version: 4.0.4 CE Summary: DoceboLMS is a SCORM compliant Open Source e-Learning platform used in corporate, government and education markets...

OpenBB 1.0.x member.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

Basit 1.0 Submit Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7139/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

Mango Blog 1.4.1 'archives.cfm/search' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87080' vul ID version = '1' author = 'fenghh' vulDate = '2010-03-03' createDate =...

KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25170/info KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle improperly formated HTML code. An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in...

Pluck CMS 4.7 - HTML Code Injection

No description provided by source. Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9...

AldWeb MiniPortail 1.9/2.x LNG Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code is not sanitized fr...

Fastream NetFile 6.0.3 .588 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8908/info It has been reported that a cross-site scripting vulnerability may exist in NetFile that may allow remote attackers to execute HTML or script code in a user's browser. The issue is reported to occur due to a 404...

Microsoft Internet Explorer 6.0 Search Pane URI Obfuscation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11851/info A remote URI obfuscation vulnerability has been found in Internet Explorer's search pane functionality. This issue is due to a failure of the application to present the URI address of HTML and script code loade...

GuppY 2.4 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8768/info GuppY is reported to be prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the postguest module of the software. This issue may allow a...

PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18244/info PHP ManualMaker is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...

GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability

No description provided by source. Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix this issue Info: GigPress is a...

Zwiki 0.10/0.36.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11745/info It is reported that Zwiki is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamic...

Basit 1.0 Search Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

SimpleGallery 0.1.3 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26585/info SimpleGallery is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a...

PHP-Nuke 6.x/7.x Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...

Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8841/info Demonstration scripts and servlets that are distributed as part of Bajie HTTP Server have been reported prone to multiple cross-site scripting vulnerabilities. It has been reported that a remote attacker may...

Microsoft Internet Explorer 6.0 IFRAME Status Bar URI Obfuscation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/11590/info Microsoft Internet Explorer is reported prone to a URI obfuscation weakness. This issue may be leveraged by an attacker to display false information in the status bar of an unsuspecting user, allowing an attack...