October CMS Cross Site Scripting

Exploit Title: October CMS Stored Code Injection Date: 16-02-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://octobercms.com/ Version: All versions till date from 1.0.431 CVE : CVE- 2018-7198 Category:...

CVE-2005-1619

Multiple cross-site scripting XSS vulnerabilities in 1 startpage.css.php3 aka start-page.css.php3 or 2 style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter. NOTE: it was later reported that 0.14.5 is also affected...

Aladdin eSafe Gateway Script-filtering Bypass through HTML tags

29 May 2001 This is the second of 3 sequential advisories we are issuing regarding Aladdin eSafe Gateway. Product Background --------------------------- eSafe Gateway is an Internet Content Security product. You can configure eSafe Gateway to remove scripts VBScripts, JavaScripts and other...

icq.greeting-card.txt

Hi, I don't know if this has been reported before. ICQ's Greeting Card service allow you to send message with HTML commands so you can crash target computer or run script codes. If you write this in message box target computer should be crash in 3 seconds. Meliksah Ozoral [email protected]...