Endpoint Protector 4.0.4.2 - Multiple Persistent XSS

No description provided by source. Advisory Name: Multiple Persistent Cross-Site Scripting XSS in Endpoint Protector Internal Cybsec Advisory Id: 2012-1029-Multiple Persistent XSS in Endpoint Protector Vulnerability Class: Permanent Cross-Site Scripting XSS Release Date: 10/29/2012 Affected...

GuppY 2.4 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8768/info GuppY is reported to be prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the postguest module of the software. This issue may allow a...

Joomla_1.6.0-Alpha2 XSS Vulnerabilities

No description provided by source. Title:Joomla1.6.0-Alpha2 XSS Vulnerabilities Date: 2010-05-02 Author: mega-itec.com Software Link: http://joomlacode.org/gf/download/frsrelease/11322/45252/Joomla1.6.0-Alpha2-Full-Package.zip Version: 1.6.0-alpha2 Tested on: relevant os CVE : Code :...

GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability

No description provided by source. Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix this issue Info: GigPress is a...

Mango Blog 1.4.1 'archives.cfm/search' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87080' vul ID version = '1' author = 'fenghh' vulDate = '2010-03-03' createDate =...

Microsoft Internet Explorer 6.0 Search Pane URI Obfuscation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11851/info A remote URI obfuscation vulnerability has been found in Internet Explorer's search pane functionality. This issue is due to a failure of the application to present the URI address of HTML and script code loade...

DoceboLMS 4.0.4 - Multiple Stored XSS Vulnerabilities

No description provided by source. !-- DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities Vendor: Docebo Product web page: http://www.docebo.org Affected version: 4.0.4 CE Summary: DoceboLMS is a SCORM compliant Open Source e-Learning platform used in corporate, government and education markets...

OpenBB 1.0.x member.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

Basit 1.0 Submit Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7139/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25170/info KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle improperly formated HTML code. An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in...

Pluck CMS 4.7 - HTML Code Injection

No description provided by source. Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9...

AldWeb MiniPortail 1.9/2.x LNG Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code is not sanitized fr...

Fastream NetFile 6.0.3 .588 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8908/info It has been reported that a cross-site scripting vulnerability may exist in NetFile that may allow remote attackers to execute HTML or script code in a user's browser. The issue is reported to occur due to a 404...

PHP iReport 1.0 - Remote Html Code injection

No description provided by source. !/usr/bin/perl Title = phpireport v1.0 = Remote Html Code injection Author = Or4nG.M4n Download = http://garr.dl.sourceforge.net/project/phpireport/phpireport%20v1.0%20alpha%20revision%2025.rar Thnks : +----------------------------------+ | xSs m4n i-Hmx h311 c0...

Zwiki 0.10/0.36.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11745/info It is reported that Zwiki is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamic...

Basit 1.0 Search Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

Joomla! 1.5 & 1.6 - JFilterInput XSS Bypass

No description provided by source. Exploit Title: Joomla! JFilterInput XSS Bypass Date: 1 February 2011 Author: Jeff Channell Software Link: http://www.joomla.org Version: 1.5.22, 1.6.0 Tested on: PHP5, MySQL5 Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied html. This...

Invision Power Board 1.3 Pop Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9822/info It has been reported that Invision Power Board may be prone to a cross-site scripting vulnerability. This may allow a remote attacker to cause hostile HTML or script code to be rendered in a user's browser via a...

SimpleGallery 0.1.3 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26585/info SimpleGallery is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a...