Unfixed XSS vulnerability at suche.info

Security researcher InSiDe, has submitted on 21/05/2007 a cross-site-scripting XSS vulnerability affecting suche.info, which at the time of submission ranked 457329 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/05/2007. It is currently...

CVE-2007-1487

Directory traversal in Sascha Schroeder (CyberT Teddy) WebLog: index.php showsArticles action vulnerable to reading arbitrary files via .. in the file parameter. Root cause is improper input handling allowing path traversal. Impact stated as read access to arbitrary files; no exploit specifics or...

Cisco CallManager Administration and User Options Web Interfaces Cross-Site Scripting Vulnerability

Cisco CallManager versions prior to 4.31, 4.23, 4.13SR4 and 3.35SR3 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary script in the user's browser session. The vulnerability exists due to improper input sanitization in the CallManager Administration...