1017 matches found
Flock Browser Malformed Bookmark Cross site scripting Vulnerability
Flock browser is prone to a cross-site scripting XSS vulnerability.
Santafox XSS and CSRF Vulnerabilities
Santafox is prone to cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities.
SmarterTools SmarterTrack Cross-Site Scripting Vulnerabilities
This host is running SmarterTools SmarterTrack and is prone to cross-site scripting vulnerabilities.
Wiccle Web Builder 'post_text' XSS Vulnerability
Wiccle Web Builder is prone to a cross-site scripting XSS vulnerability.
IOS HTTP Server Command Injection Vulnerability
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically-generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicio...
Cross-site Scripting (XSS) Vulnerability in MAXdev
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in MAXdev which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in MAXdev The vulnerability exists due to input sanitation error in the "sid" parameter in modules.php. A...
Akamai Download Manager arbitrary file download & execution
Yorick Koster, April 2009...
Multiple Vulnerabilities in CMSimple
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CMSimple which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in CMSimple The vulnerability exists due to input sanitation...
Cross-site Scripting (XSS) Vulnerability in Prado Portal
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Prado Portal which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Prado Portal: CVE-2010-4958 The vulnerability exists due to input sanitation error in the "page"...
Adobe Flash Player ActiveX Control navigateToURL Cross-Site Scripting (CVE-2007-6244)
Adobe Flash Player is a multimedia and application player. Flash Player runs Shockwave Flash (SWF) files, which contain multimedia content including vector and raster graphics, video, audio, and scripts. Flash Player is made available as a plug-in for a wide range of web browser applications...
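WordPress WP-UserOnline 2.6.2 Plugin Script Injection Vulnerability
BUGTRAQ ID: 41335 WordPress is a free forum and blog system. The WP-UserOnline plugin used by WordPress does not properly filter input appended to the URL after the installation path before displaying it to the user in wp-content/plugins/wp-useronline/wp-useronline.php, so the injected HTML and script code is executed when a user views it. WordPress WP-UserOnline 2.6.2 Vendor patch: WordPress --------- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...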
Kryn.cms 6.0 - Cross-Site Request Forgery / HTML Injection
source: https://www.securityfocus.com/bid/41229/info Kryn.cms is prone to a cross-site request-forgery vulnerability and an HTML-injection vulnerability. Exploiting these issues may allow a remote attacker to perform certain administrative actions, gain unauthorized access to the affected...
Kryn.cms 6.0 - Cross-Site Request Forgery HTML Injection
Kryn.cms 6.0 - Cross-Site Request Forgery HTML Injection source: https://www.securityfocus.com/bid/41229/info Kryn.cms is prone to a cross-site request-forgery vulnerability and an HTML-injection vulnerability. Exploiting these issues may allow a remote attacker to perform certain administrative...
Cross-site Scripting (XSS) Vulnerability in CompactCMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in CompactCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in CompactCMS The vulnerability exists due to input sanitation error in the "keywords" parameter in...
Cross-site Scripting (XSS) Vulnerabilities in CruxCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in CruxCMS: CVE-2008-0700 The vulnerability exists due to input sanitation error in the "search"...
Joomla! 1.6.0 Alpha2 - Cross-Site Scripting
Joomla! 1.6.0 Alpha2 - Cross-Site Scripting Title:Joomla1.6.0-Alpha2 XSS Vulnerabilities Date: 2010-05-02 Author: mega-itec.com Software Link: http://joomlacode.org/gf/download/frsrelease/11322/45252/Joomla1.6.0-Alpha2-Full-Package.zip Version: 1.6.0-alpha2 Tested on: relevant os CVE : Code :...
Profi Einzelgebots Auktions System Cross Site Scripting
Author: Andrea Bocchetti Homepage: www.geekit.it Software Info Name: Profi Einzelgebots Auktions System Demo: http://hiweb-wiesbaden.de/hammerdealv3/ Price: 399.99 Exploit: http://www.site.com/hammerdealv3/suche.php This script is possibly vulnerable to Cross Site Scripting XSS attack...
leaftec cms multiple vulnerabilities
Exploit for php platform in category web applications. Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Version: Tested on: Debian etch CVE : Code : :...
leaftec CMS - Multiple Vulnerabilities
Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Höbel Version: Tested on: Debian etch CVE : Code : :: General information :: leaftec cms multiple vulnerabilities discovered :: by Valentin Höbel :: [email protected] :: Product information :: Name = leafte...
Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Exploit for unknown platform in category dos / poc. Mozilla Firefox 3.6 memory corruption Denial Of Service - Discovered by: Crux - Exploit name: Mozilla Firefox 3.6 memory corruptio...