1921 matches found
[SA15206] BirdBlog BB Code Script Insertion Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: BirdBlog BB Code Script Insertion Vulnerability SECUNI...
[SA14701] XMB Script Insertion Vulnerabilities
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: XMB Script Insertion Vulnerabilities SECUNIA ADVISORY...
[SA14752] MaxWebPortal SQL Injection and Script Insertion Vulnerabilities
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: MaxWebPortal SQL Injection and Script Insertion...
Code insertion in Blogger comments
Having notified Blogger of this twice over the course of a number of months, and not seeing them take any action beyond saying that they'll look at it or warn their users, I think it's time to warn people. Under the following conditions, Blogger weblogs are vulnerable to executable code insertion...
[SA14679] MercuryBoard "title" Script Insertion Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: MercuryBoard "title" Script Insertion Vulnerability...
[SA14131] Claroline Add Course Script Insertion Vulnerability
TITLE: Claroline Add Course Script Insertion Vulnerability SECUNIA ADVISORY ID: SA14131 VERIFY ADVISORY: http://secunia.com/advisories/14131/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Claroline 1.x http://secunia.com/product/4607/ DESCRIPTION: Yiannis Girod...
[SA14080] SmarterMail Attachment Upload Vulnerability
TITLE: SmarterMail Attachment Upload Vulnerability SECUNIA ADVISORY ID: SA14080 VERIFY ADVISORY: http://secunia.com/advisories/14080/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: SmarterMail http://secunia.com/product/3154/ DESCRIPTION: Soroush Dalili has...
siteman.pl.txt
Siteman User Database Line Insertion Vulnerability Vulnerable Systems: Siteman version 1.1.10 and prior Discovered By amironline452 [email protected] By Alpha Hackers Digital Security Team www.alphahackers.com www.amironline452.tk Exploit: !/usr/bin/perl -w Exploit by shoaliesefid7 -...
[SA13795] Guestserver "message" Script Insertion Vulnerability
TITLE: Guestserver "message" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA13795 VERIFY ADVISORY: http://secunia.com/advisories/13795/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of system information WHERE: From remote SOFTWARE: Guestserver 5.x...
[SA13794] Dokeos Course Script Insertion Vulnerability
TITLE: Dokeos Course Script Insertion Vulnerability SECUNIA ADVISORY ID: SA13794 VERIFY ADVISORY: http://secunia.com/advisories/13794/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Dokeos 1.x http://secunia.com/product/4508/ DESCRIPTION: bratax has report...
CVE-2004-0875
Multiple cross-site scripting XSS vulnerabilities in Phpgroupware aka webdistro 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to the wiki module...
[SA13497] Sun Java Messaging Server Webmail Script Insertion Vulnerability
TITLE: Sun Java Messaging Server Webmail Script Insertion Vulnerability SECUNIA ADVISORY ID: SA13497 VERIFY ADVISORY: http://secunia.com/advisories/13497/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Sun Java System Messaging Server 6.x...
[SA12856] Ansel "image" SQL Injection and Script Insertion Vulnerabilities
TITLE: Ansel "image" SQL Injection and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA12856 VERIFY ADVISORY: http://secunia.com/advisories/12856/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Ansel 2.x...
[SA13329] Nuked-Klan "Links" Module Script Insertion Vulnerability
TITLE: Nuked-Klan "Links" Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA13329 VERIFY ADVISORY: http://secunia.com/advisories/13329/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Nuked-Klan 1.x http://secunia.com/product/1015/ DESCRIPTION:...
[SA13071] Gallery Unspecified Script Insertion Vulnerability
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
[SA12955] dadaIMC "Post An Article" Script Insertion Vulnerability
TITLE: dadaIMC "Post An Article" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA12955 VERIFY ADVISORY: http://secunia.com/advisories/12955/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: dadaIMC 0.x...
[SA12732] AWS MySQLguest Script Insertion Vulnerability
TITLE: AWS MySQLguest Script Insertion Vulnerability SECUNIA ADVISORY ID: SA12732 VERIFY ADVISORY: http://secunia.com/advisories/12732/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: MySQLguest http://secunia.com/product/4008/ DESCRIPTION: BliZZard has...
[SA12662] PHP-Fusion "homepage address" Script Insertion Vulnerability
TITLE: PHP-Fusion "homepage address" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA12662 VERIFY ADVISORY: http://secunia.com/advisories/12662/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PHP-Fusion 4.x http://secunia.com/product/3803/ DESCRIPTIO...
CVE-2002-1497
Cross-site scripting XSS vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response...
gallery-php.txt
!/usr/bin/php 17-August-2004 ++ Vulnerability description ++ Gallery http://gallery.sf.net/ is a PHP image gallery script. Having permission to upload photos in some album and the temporal directory is in the webtree, then it is possible to create a file with any extension and content. Tested in ...