bitcomet-xss.txt

The program is vulnerable to attacks of the kind xss the parameter "about:" scripts without authorization in the example that I am presenting is a page that runs a while with a msgbox infinity. Create an html file and paste the following code while1alert"Juan Pablo Lopez Yacubian""...

Microsoft Internet Explorer page content spoofing

Crossite scripting in res://ieframe.dll/navcancl.htmhttp://www.site.com page allows to inject HTML code into page...

[Full-disclosure] DotNetNuke HTML Code Injection

Security Advisory: VULN20-09-2006 - http://www.secureshapes.com/advisories/vuln20-09-2006.htm Vendor Security Bulletin: http://dotnetnuke.com/About/WhatIsDotNetNuke/SecurityPolicy/SecurityBulletin no3/tabid/990/Default.aspx DotNetNuke - HTML Code Injection Vulnerability Date: 20/09/2006 Severity:...

FreeBSD : drupal -- multiple vulnerabilities (faca0843-6281-11da-8630-00123ffe8333)

Secunia reports : Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions, and conduct script insertion and HTTP response splitting attacks. 1 An input validation error in the filtering of HTML code can be exploited to...

[waraxe-2006-SA#044] - XSS in phpNuke 7.8 and older versions

================================================================================ waraxe-2006-SA044 ================================================================================ XSS in phpNuke 7.8 and older versions ===============================================================================...

MyBB-sig.txt

NightWarrior nightwarrior771athotmail.com MyBB Signature HTML Code Injection http://www.mybboard.com/ example: Contact :nightwarrior771athotmail.com NightWarrior...

ldu-inject.txt

NightWarrior nightwarrior771athotmail.com Land Down Under Signature HTML Code Injection http://www.neocrome.net example: BODY background-image: url'http://www.geocities.com/nightwarrior771/blank.jpeg'; Contact :nightwarrior771athotmail.com NightWarrior...

Land Down Under Signature HTML Code Injection

NightWarriorKurdish Hacker nightwarrior771athotmail.com Land Down Under Signature HTML Code Injection http://www.neocrome.net example: STYLE =text/cssBODY background-image: url'http://www.geocities.com/nightwarrior771/blank.jpeg'; /STYLE Contact :nightwarrior771athotmail.com NightWarriorKurdihs...

XMB Forum HTML Code Injection

NightWarriorKurdish Hacker nightwarrior771athotmail.com XMB Forum HTML Code Injection http://www.xmbforum.com/ Post This Code: img src=javascript:alert'XSS' Contact :nightwarrior771athotmail.com NightWarriorKurdihs Hacker...

MyBB Signature HTML Code Injection

NightWarriorKurdish Hacker nightwarrior771athotmail.com MyBB Signature HTML Code Injection http://www.mybboard.com/ example: img src=&106&97&118&97&115&99&114&105&112&116&58&97&108&101&114&116&40&39&88&83&83&39&41 Contact :nightwarrior771athotmail.com NightWarriorKurdihs Hacker...

bluecoat7111.txt

Blue Coat Reporter 7.1.1.1 - multiple remote vulnerabilities ============================================================ Blue Coat Reporter ================== "Blue Coat Reporter 7 provides identity-based reporting on Web communications enabling enterprises to evaluate Web policies and manage...

phpbb -- Insuffient check against HTML code in usercp_register.php

Neo Security Team reports: If we specify a variable in the html code any type: hidden, text, radio, check, etc with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that allows users to bypass...

CVE-2004-2138

Cross-site scripting XSS vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the 1 Name, 2 Email, 3 Homepage or 4 Comments field...

PISG 0.54 - IRC Nick HTML Injection

PISG 0.54 - IRC Nick HTML Injection source: https://www.securityfocus.com/bid/10195/info pisg has been reported prone to an input validation vulnerability. The issue will only present itself when pisg is used to monitor an IRC server that does not place limitations on IRC Nick values that can be...

Virtual Programming VP-ASP 4/5 - 'shopdisplayproducts.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9164/info A vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the...

S21SEC-023 - Vignette multiple Cross Site Scripting vulnerabilities

ID: S21SEC-023-en Title: Multiple Cross Site Scripting vulnerabilities in Vignette Date: 03/04/2003 Status: Vendor contacted and solution available Scope: HTML code Execution in client browsers Platforms: All Author: rpinuaga Location: http://www.s21sec.com/es/avisos/s21sec-023-en.txt Release:...

RSA ClearTrust 4.64.7 - Login Page Cross-Site Scripting

RSA ClearTrust 4.64.7 - Login Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7108/info A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values. A...

DaCode 1.2 - News Message HTML Injection

DaCode 1.2 - News Message HTML Injection source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when ...

PHP-Nuke 6.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...

XOOPS 1.0 RC3 - HTML Injection

source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user views a message posting that...