122 matches found
html_comments
This plugin greps every page for HTML comments, special comments like the ones containing the words "password" or "user" are specially reported. Plugin type Grep Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests,...
ESHOP network operators treasure Mall 1.0 GetWebshell-vulnerability warning-the black bar safety net
A day Wake up late, get up found on the ground a flyer. See is an online shop. So want to see with what program, find out where to see the html comments,css comments, and file name. Find is ESHOP network operators treasure Mall. google under exploits, found eshop exploits, test the next, not. But...
Design/Logic Flaw
WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:157)
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
Copyright Information Within HTML Comments
Binary data 4709.prm...
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability
PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...
PR06-09: BEA Plumtree portal full version disclosure vulnerability
PR06-09: BEA Plumtree portal full version disclosure vulnerability Description: BEA Plumtree portal 6.0 is vulnerable to a full version disclosure vulnerability. The exact version along with the build date is always included at the bottom of every requested HTML page within HTML comments. Date...
konqueror XSS
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
CVE-2007-4072
Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...
Design/Logic Flaw
Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...
CVE-2007-4072
Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:031)
Konqueror 3.5.5 does not properly parse HTML comments in title tags, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment, a related issue to CVE-2007-0478. Updated packages have been patch...
CVE-2007-0537
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
CVE-2007-0537
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
Cross site scripting
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
CVE-2007-0537
The KDE HTML library kdelibs, as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to...
Cross site scripting
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting XSS attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment...
vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)
Exploit for unknown platform in category web applications ==================================================================== vBulletin 'vBulletin '$Revision: 1.0 $', 'Authors' = 'str0ke' , 'Arch' = , 'OS' = , 'Priv' = 0, 'UserOpts' = 'RHOST' = 1, 'ADDR', 'The target address', 'RPORT' = 1, 'PORT...
CVE-2001-1419
AOL Instant Messenger AIM 4.7.2480 and earlier allows remote attackers to cause a denial of service application crash via an instant message that contains a large amount of "!--" HTML comments...
HTML Comment 'href' Link Obfuscation
Binary data 2303.prm...