5006 matches found
yourownbux40-sql.txt
.. \ \ | | | | \ / \ / // / \ | | | \ | \ | \ /\ \ | / /| /| / \ \ / || / / / / . . | | \ | | | \ \ | \ / / | | / | \ \ \ | / / / / / / ---------------==---------------==---------------==---------------==---------------==---------------= -----============ Yourownbux v4.0 Blind...
phpcal-xss.txt
============================================================== PHP Calendar Script Remote XSS Permanent Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
fuzzylime302-xss.txt
Cross Site Scripting XSS Vulnerabilitiy in fuzzylime cms =3.02, CVE-2008-3098 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3098 http://cms.fuzzylime.co.uk Description Fuzzylime cms is a way to run websites and keep it up-to-date. Once installed, you can update from any...
CVE-2008-3622
Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."...
Cross site scripting
Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."...
XSS in RSS feed creation
URL http://localhost:8080/dashboard/doconfigurerssfeed.action The RSS feed creation process is vulnerable to XSS attacks. It is possible to inject javascript code into the page by changing the types field to: types="alertdocument.cookie complete example from the testenvironment:...
afurlxss-08_005.txt
Portcullis Security Advisory - 08-005 Vulnerable System: Affinium Campaign Vulnerability Title: The web application's parameters are vulnerable to reflected JavaScript injection. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Tim Brown -...
afbookmarkxss-08_001.txt
Portcullis Security Advisory - 08-001 Vulnerable System: Affinium Campaign Vulnerability Title: The web application's bookmarks web page is vulnerable to a JavaScript injection. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Tim Brown -...
Firefox arbitrary signed JAR code execution
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...
Code injection
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...
Firefox arbitrary signed JAR code execution
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...
Firefox arbitrary signed JAR code execution
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...
Firefox arbitrary signed JAR code execution
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via 1 injection of JavaScript into documents within a JAR archive or 2 a JAR archive that uses relative URLs to JavaScript files...
Signed JAR tampering — Mozilla
Security researchers Collin Jackson and Adam Barth reported a series of vulnerabilities which allow JavaScript to be injected into the context of signed JARs and executed under the context of the JAR's signer. This could allow an attacker to run JavaScript in a victim's browser with the privilege...
S21SEC-042-en:Cezanne SW Cross-Site Scripting (login required)
S21Sec Advisory - Title: Cezanne SW Cross-Site Scripting login required ID: S21SEC-042-en Severity: Medium History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL:...
S21SEC-041-en:Cezanne SW Cross-Site Scripting
S21Sec Advisory - Title: Cezanne SW Cross-Site Scripting ID: S21SEC-041-en Severity: Medium History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL: http://www.s21sec.com/avisos/s21sec-41-en.txt SUMMARY...
Hardcoded credentials
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topiclist URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link...
CVE-2008-0060
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topiclist URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link...
Search Unleashed 0.2.10 JavaScript injection (Wordpress plugin)
Hello all, There is a bug in "Log" function of Search Unleashed by John Godley, version 0.2.10. This plug-in stores search queries but does not validates stored data and put them back "raw" to browser. HTML and Java Script can be injected with search request:...
Debian: Security Advisory (DSA-775-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...