Cross-site Scripting (XSS) Vulnerabilities in Zimplit CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zimplit CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Zimplit CMS: CVE-2010-4513 1.1 The vulnerability exists due to input sanitation error in...

Multiple Vulnerabilities in CLANSPHERE

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CLANSPHERE which could be exploited to perform cross-site scripting, script insertion and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in CLANSPHERE The vulnerability exists due to input...

mycart 2.0 - Multiple Vulnerabilities

mycart 2.0 - Multiple Vulnerabilities MyCart 2.0 Multiple Remote Vulnerabilities Name MyCart Vendor http://open.appideas.com Versions Affected 2.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-27 X. INDEX I. ABO...

Cross-site Request Forgery (CSRF) Vulnerabilities in BlogBird

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BlogBird which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in BlogBird 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Cross-site Scripting (XSS) Vulnerability in NinkoBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in NinkoBB which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in NinkoBB: CVE-2010-4874 The vulnerability exists due to input sanitation error in parameters...

Netautor Professional 'login2.php' XSS Vulnerability

Netautor Professional is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NetArt Media Car Portal Multiple Cross-site Scripting Vulnerabilities

NetArt Media Car Portal is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Flock Browser Malformed Bookmark Cross site scripting Vulnerability

Flock browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Micro CMS v1.0 b1 Persistent XSS Vulnerability

Exploit for php platform in category web applications ============================================== Micro CMS v1.0 b1 Persistent XSS Vulnerability ============================================== Class: Persistent Cross-Site Scripting Severity: High Overview: --------- Micro CMS is prone to...

Flock Browser RSS Feed Cross site scripting Vulnerability

Flock browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Flock Browser Malformed Bookmark Cross site scripting Vulnerability

This host is installed with Flock browser and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodflockxsswin.nasl 5394 2017-02-22 09:22:42Z teissa $ Flock Browser Malformed Bookmark Cross site scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 201...

Santafox XSS and CSRF Vulnerabilities

Santafox is prone to cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Wiccle Web Builder 'post_text' XSS Vulnerability

Wiccle Web Builder is prone to a cross-site scripting XSS vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

SmarterTools SmarterTrack Cross-Site Scripting Vulnerabilities

This host is running SmarterTools SmarterTrack and is prone Cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbsmartertrackmultxssvuln.nasl 5347 2017-02-19 09:15:55Z cfi $ SmarterTools SmarterTrack Cross-Site Scripting Vulnerabilities Authors: Madhuri D Copyright: Copyright c...

IOS HTTP Server Command Injection Vulnerability

A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically-generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicio...

Cross-site Scripting (XSS) Vulnerability in MAXdev

High-Tech Bridge SA Security Research Lab has discovered vulnerability in MAXdev which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in MAXdev The vulnerability exists due to input sanitation error in the "sid" parameter in modules.php. A...

Akamai Download Manager arbitrary file download & execution

------------------------------------------------------------------------ Akamai Download Manager arbitrary file download & execution ------------------------------------------------------------------------ Yorick Koster, April 2009...

Multiple Vulnerabilities in CMSimple

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CMSimple which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in CMSimple The vulnerability exists due to input sanitation...

Cross-site Scripting (XSS) Vulnerability in Prado Portal

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Prado Portal which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Prado Portal: CVE-2010-4958 The vulnerability exists due to input sanitation error in the "page"...

Adobe Flash Player ActiveX Control navigateToURL Cross-Site Scripting (CVE-2007-6244)

Adobe Flash Player is a multimedia and application player. Flash Player runs the Shockware Flash SWF files, which contains multimedia content including vector and raster graphics, video, audio, and scripts. Flash Player is made available as a plug-in for a wide range of web browser applications...