CVE-2004-2174

Cross-site scripting XSS vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter...

CVE-2004-1043

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...

CVE-2004-1043

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...

YaBB Shadow BBCode Tag XSS

The remote host is using the YaBB web forum software. According to its version number, the remote version of this software is vulnerable to JavaScript injection issues using shadow or glow tags. This may allow an attacker to inject hostile JavaScript into the forum system, to steal cookie...

Google Toolbar 1.1.x - About.HTML HTML Injection

source: https://www.securityfocus.com/bid/11210/info Google Toolbar is reported prone to a HTML injection vulnerability. It is reported that the Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code. This vulnerability may allow an attacker to inject malicious HTML and...

Mozilla Firefox < 2.0.0.15 Multiple Vulnerabilities

Binary data 4567.prm...

SeaMonkey < 1.1.10 Multiple Vulnerabilities

Binary data 4568.prm...

CVE-2004-1712

Cross-site scripting XSS vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter...

Microsoft Internet Explorer - Overly Trusted Location Cache

Microsoft Internet Explorer - Overly Trusted Location Cache Overly Trusted Location Variant Method Cache Vulnerability GO! This vulnerability seems to be unstable. For some reason, it crashes my internet explorer unless the exploit is executed onlo +ad and even then it crashes sometimes. var...

MS Internet Explorer Remote Application.Shell Exploit

Exploit for unknown platform in category remote exploits ===================================================== MS Internet Explorer Remote Application.Shell Exploit ===================================================== function InjectedDuringRedirection...

ArbitroWeb v0.6 Javascript injection vulnerability

vendor: ArbitroWeb about: An anonymous web surfing proxy written in PHP. ArbitroWeb will redirect all web requests thru it's set of scripts, all URL's contained will be adjusted/mangled to it's own scripts. date: june 22nd, 2004 vendor status: ? problem: javascript can be injected into the...

[Full-Disclosure] Blogger XSS Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------ BLOGGER XSS VULNERABILITY - ------------------------------------------------------ Online URL : http://ferruh.mavituna.com/article/?470 Severity : Moderately Critical for Members Permanent Accou...

Sandblad #12: Inject javascript url in history list &#40;revisited&#41;

Sandblad advisory 12 - /--------------------------------------------------------------/ Title: Inject javascript url in history list revisited Date: 2004-02-03 Software: Internet Explorer Vendor: http://www.microsoft.com/ Status: Patched by MS04-004 Type: Cross site/zone scripting Impact: Reading...

JSinject.txt

Sandblad advisory 12 - /--------------------------------------------------------------/ Title: Inject javascript url in history list revisited Date: 2004-02-03 Software: Internet Explorer Vendor: http://www.microsoft.com/ Status: Patched by MS04-004 Type: Cross site/zone scripting Impact: Reading...

Yahoo messanger crossite scripting

By using ymsgr: it's possible to inject javascript...

Yahoo Messenger Flaw allows injection of JavaScript into IM Windows

Title: Yahoo Messenger Flaw allows injection of JavaScript into IM Windows Author: Chet Simpson [email protected] Date: December 5th, 2003 Host Platforms tested: WindowsME and WindowsXP sp1a Target Applications tested: Yahoo Messenger 5.5 Build 1249 Yahoo Messenger 5.6 Build 1355 Target...

jchat box advisory

Продукт: jChatBox Версия: 2.5 Разработчик: JavaZOOM Адрес: http://www.javazoom.net Уязвимость: Внедрение HTML code и JavaScript code, чтение приватов, флуд. Найдено: Navy, Xboy. Итак, взлом чата происходит через ник. В случае если отключен фильтр на "" и "" работает вариант номер 1. Способ №1:...

SPAIZ-NUKE v1.1 XSS bug

Привет. Вот описание уязвимости в SPAIZ-NUKE 1.1 Advisory9 RusH security team | http://www.rsteam.net Product: SPAIZ-NUKE v1.1 Author: sPaiZ-Nuke Group http://www.spaiz-nuke.net/ [email protected] Vuln: XSS Bug found: 14.09.2003 by 1dt.w0lf Уязвимость: Spaiz-Nuke это движек для сайта постр...

XSS Exploit In phpBB viewtopic.php

XSS Exploit In phpBB viewtopic.php A: BACKGROUND from phpbb.com phpBB is a high powered, fully scalable, and highly customisable open- source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP...

Windows Indexing Services Crossite Scripting

It's possible to compromise client by inserting javascript into query URL...