Lucene search
+L

285 matches found

exploitpack
exploitpack
added 2003/09/01 12:0 a.m.13 views

TSguestbook 2.1 - Message HTML Injection

TSguestbook 2.1 - Message HTML Injection source: https://www.securityfocus.com/bid/8520/info It has been reported that TSguestbook may be prone to HTML injection attacks. The problem is said to occur due to insufficient sanitization of user-supplied input within the 'message' field. As a result, ...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/09 12:0 a.m.21 views

Phorum 3.4.x - 'Message Form' HTML Injection

source: https://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by includi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2002/08/29 12:0 a.m.31 views

omnihttpd.txt

A vulnerability exists in the test.php script of OmniHTTPd. The script makes a classic coding error -- trusting unsanitized user input. The query string and cookie values are returned unfiltered. Of most concern, of course, is the query string:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.46 views

More OmniHTTPd Problems

I've discovered another vulnerability in one of the OmniHTTPd sample apps. This time, the culprit is "/cgi-bin/redir.exe". This app is vulnerable to a newline injection issue. The vulnerability occurs because the "URL" query parameter case sensitive is decoded and placed directly into the respons...

Exploits0
securityvulns
securityvulns
added 2001/11/09 12:0 a.m.48 views

Security Bulletin MS01-055

---------------------------------------------------------------------- Title: Cookie Data in IE Can Be Exposed or Altered Through Script Injection Date: 08 November 2001 Software: Internet Explorer Impact: Exposure and altering of data in cookies Max Risk: High Bulletin: MS01-055 Microsoft...

Exploits0
Rows per page
Query Builder