11 matches found
Ubuntu 8.10 : squid vulnerability (USN-724-1)
Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service assertion failure. Note that Tenable Network Security has extracted the preceding descriptio...
Debian DSA-1732-1 : squid3 - denial of service
Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Naymz multiple XSS
Naymz is a online profile system with positive and accurate information that you want others to find when they search for you online. Community Search fails to sanitize: 1."scriptalert'xss'/script...
naymz-xss.txt
Naymz is a online profile system with positive and accurate information that you want others to find when they search for you online. Community Search fails to sanitize: 1."alert'xss'...
SocialURL Login Page Cross-Site Scripting
Overview: SocialURL is a social community platform enabling you to organize your online identities. Connnect to all your social network sites with one URL. SocialURL fails to sufficiently sanitize user-supplied input data via login box. Class: Input Validation Error Example:...
socialurl-xss.txt
Overview: SocialURL is a social community platform enabling you to organize your online identities. Connnect to all your social network sites with one URL. SocialURL fails to sufficiently sanitize user-supplied input data via login box. Class: Input Validation Error Example: 1.alert'xss' 2...
Liferay Enterprise Portal multiple XSS
Vendor Site: Liferay.net Version affected: Liferay Enterprise Portal 4.3.1 Demo:http://www.liferay.net/c/portal/login?tabs1=forgot-password Class: Input Validation Error Overview: Liferay fails to sufficiently sanitize user-supplied input data in "email address" text box by pressing the "Send New...
liferay-xss.txt
Vendor Site: Liferay.net Version affected: Liferay Enterprise Portal 4.3.1 Demo:http://www.liferay.net/c/portal/login?tabs1=forgot-password Class: Input Validation Error Overview: Liferay fails to sufficiently sanitize user-supplied input data in "email address" text box by pressing the "Send New...
phpslideshow0992-xss.txt
Vendor Site: http://www.zinkwazi.com/wp/scripts/ Version affected: 0.9.9.2 URL:http://www.example.com/scripts/demo/phpslideshow.php?directory=photos BID ref: 26576 By Jose Luis Góngora Fernández PHPSlideShow is also susceptible the following inputs:...
genealogy-xss.txt
Vendor Site: http://www.phpgedview.net Version: 4.1 Common Path: yoursite.com/genealogy/login.php Overview: Genealogy program which allows you to view and edit your genealogy on your website. It fails to sufficiently sanitize user-supplied input data in "User Name" text box leaving password blank...
PhpGedView login page multiple XSS
Vendor Site: http://www.phpgedview.net Version: 4.1 Common Path: yoursite.com/genealogy/login.php Overview: Genealogy program which allows you to view and edit your genealogy on your website. It fails to sufficiently sanitize user-supplied input data in "User Name" text box leaving password blank...