1007 matches found
Miro Broadcast Machine 0.9.9 Login.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26407/info Miro Broadcast Machine is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script...
PHP-Nuke 6.x/7.x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...
Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8841/info Demonstration scripts and servlets that are distributed as part of Bajie HTTP Server have been reported prone to multiple cross-site scripting vulnerabilities. It has been reported that a remote attacker may...
Microsoft Internet Explorer 6.0 IFRAME Status Bar URI Obfuscation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/11590/info Microsoft Internet Explorer is reported prone to a URI obfuscation weakness. This issue may be leveraged by an attacker to display false information in the status bar of an unsuspecting user, allowing an attack...
Gitweb <= 1.7.3.3 - Cross Site Scripting
No description provided by source. -8 Description 8- Cross-site scripting XSS vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. -8 Proof Of Concept 8-...
cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9853/info It has been reported that cPanel may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8573/info A cross-site scripting vulnerability has been reported for Escapade. The vulnerability exists due to insufficient sanitization of some user-supplied values. An attacker could exploit this issue to execute...
Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities
No description provided by source. !-- Digital Scribe 1.5 registerform Multiple POST XSS Vulnerabilities Vendor: Digital Scribe Product web page: http://www.digital-scribe.org Affected version: 1.5 Summary: The Digital Scribe is a free, intuitive system designed to help teachers put student work...
Micronet SP1910 Data Access Controller UI XSS & HTML Code Injection
Exploit: XSS & Html code injection in Micronet SP1910 data access controller UI Date: 27-11-2009 Author: K053 Vendor: http://www.micronet.info/modeldetail.aspx?seriesno=6&sno=472 Tested on : Private Networks ------------------------------------------------------------------------------------ Note...
Mambo Open Source 4.5 index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9890/info It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue...
Centrinity FirstClass HTTP Server 5/7 TargetName Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9950/info It has been reported that FirstClass HTTP Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue...
OpenBB 1.0 .0 RC3 BBCode Cross Agent HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection attacks. The...
RSA ClearTrust 4.6/4.7 Login Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7108/info A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values. An attacker can exploit...
SHOUTcast DNAS 2.2.1 - Stored XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: SHOUTcast DNAS v2.2.1 win32 XSS\HTML Injection in Song history other version may be also affected Date: 2014-06-11 Exploit Author: robercik101 Vendor Homepage: http://www.shoutcast.com/ ?t=373139 Software Link:...
SHOUTcast DNAS 2.2.1 Cross Site Scripting
Exploit Title: SHOUTcast DNAS v2.2.1 win32 XSS\HTML Injection in Song history other version may be also affected Date: 2014-06-11 Exploit Author: robercik101 Vendor Homepage: http://www.shoutcast.com/ ?t=373139 Software Link: http://forums.winamp.com/showthread.php?t=373139 Version: 2.2.1 for Win...
XSSYA - Cross Site Scripting Scanner & Vulnerability Confirmation
XSSYA work by execute the payload encoded to bypass Web Application Firewall which is the first method request and response if it respond 200 it turn to Method 2 which search that payload decoded in web page HTML code if it confirmed get the last step which is execute document.cookie to get the...
BarracudaDrive Multiple XSS Vulnerabilities -01 (Jun 2014)
BarracudaDrive is prone to multiple XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Pixie CMS 1.04 Cross Site Scripting
Pixie CMS v1.04 Contact form POST XSS Vulnerabilities Vendor: Pixie CMS Product web page: http://www.getpixie.co.uk Affected version: 1.04 Severity: Medium CVE: CVE-2014-3786 Demo page: http://demo.getpixie.co.uk Discovered by: Filippos Mastrogiannis @filipposmastro & Simone Memoli @Simon90Italy...
Khan Academy: CRLF Injection
Is it possible for a remote attacker to inject custom HTTP headers. For example, an attacker can inject session cookies or HTML code. This may conduct to vulnerabilities like XSS cross-site scripting or session fixation. PoC...
Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite
High-Tech Bridge Security Research Lab discovered XSS vulnerability in Storesprite, which can be exploited to perform Cross-Site Scripting attacks. 1 Reflected Cross-Site Scripting XSS in Storesprite: CVE-2014-3737 The vulnerability exists due to insufficient sanitisation of user-supplied data in...