Fofou Forums Cross Site Scripting

Exploit Title: Permanent XSS and Html Code Injection in the Fofou Forums Google Dork: intext:Powered by fofou Date: 15.08.2011 Author: Sony Software Link: http://blog.kowalczyk.info/software/fofou/index.html Version: all version...

FreeBSD : bugzilla -- multiple vulnerabilities (dc8741b9-c5d5-11e0-8a8e-00151735203a)

A Bugzilla Security Advisory reports : The following security issues have been discovered in Bugzilla : - Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in 'Raw Unified' mode, which could trigger a cross-site scripting attack due to the execution o...

Safenet Sentinel and 7-T Input Sanitization Vulnerability

Overview ICS-CERT originally released advisory ICSA-11-314-01P on the US-CERT secure portal on November 14, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher Carlos Mario Penagos Hollman of Synapse-labs has identified an input...

Digital Scribe Multiple Cross Site Scripting Vulnerabilities

Digital Scribe is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Digital Scribe 1.5 Cross Site Scripting

25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INPUT TYPE=TEXT NAME=e...

Digital Scribe 1.5 - register_form() Multiple POST Cross-Site Scripting Vulnerabilities

Digital Scribe 1.5 - registerform Multiple POST Cross-Site Scripting Vulnerabilities 25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INP...

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

Summary The Digital Scribe is a free, intuitive system designed to help teachers put student work and homework assignments online. Description Digital Scribe suffers from multiple POST XSS vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized...

Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities

25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INPUT TYPE=TEXT NAME=email SIZE=34 VALUE=?php echo $POS...

GBook PHP Guestbook 1.7 Cross Site Scripting

Vulnerability ID: HTB23028 Reference: http://www.htbridge.ch/advisory/multiplexssingbookphpguestbook.html Product: GBook PHP guestbook Vendor: PHPJunkyar http://www.phpjunkyard.com Vulnerable Version: 1.7 and probably prior Tested on: 1.7 Vendor Notification: 06 July 2011 Vulnerability Type: XSS...

Joomla! CMS Multiple Cross Site Scripting Vulnerabilities - July 2011

This host is running Joomla and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodjoomlamultxssvulnjul11.nasl 5840 2017-04-03 12:02:24Z cfi $ Joomla! CMS Multiple Cross Site Scripting Vulnerabilities - July 2011 Authors: Sooraj KS Copyright: Copyrigh...

Cybozu Garoon 2.0.0 - 2.1.3 XSS Vulnerability

Cybozu Garoon is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cybozu:garoon...

Cross-site Scripting (XSS) Vulnerability in Tiki Wiki CMS Groupware

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Tiki Wiki CMS Groupware, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware Input passed via the GET "ajax" parameter to snarfajax.php is not...

OPEN IT OverLook 'title.php' Cross Site Scripting Vulnerability

OverLook is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openit:overlook";...

Cross-site Scripting (XSS) Vulnerabilities in PHP Calendar Basic

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHP Calendar Basic which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in PHP Calendar Basic 1.1 The vulnerability exists due to input sanitation errors in...

Seo Panel Multiple Cross-site Scripting (XSS) Vulnerabilities

Seo Panel is prone to multiple Cross- site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ariadne 2.7.4 Cross Site Request Forgery

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header Persistent Cross-Site Scripting

Exploit Title: ZenPhoto 1.4.0.3 patched 2011-4-19 x-forwarded-for HTTP Header presisitent XSS Date: 21-4-2011 Author: Saif El-Sherei Software Link: http://zenphoto.googlecode.com/files/zenphoto-1.4.0.3.zip Version: 1.4.0.3 latest updated 2011-4-19 Tested on:FF 3.0.15, IE 8 Info: Zenphoto is an...

Cross-site Scripting (XSS) Vulnerability in AJAX Calendar

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AJAX Calendar which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AJAX Calendar The vulnerability exists due to input sanitation error in the "y" parameter in...

Cross-site Scripting (XSS) Vulnerability in BackupPC

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BackupPC which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BackupPC The vulnerability exists due to input sanitation error in multiple parameters in...

AR Web Content Manager (AWCM) 'search.php' Cross Site Scripting Vulnerability

AR Web Content Manager AWCM is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...