9 matches found
EUVD-2006-1203
Malware in sbrugna...
Link Bank Iframe.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17001/info Link Bank is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. ...
CVE-2006-1199
Cross-site scripting XSS vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary web script or HTML via the site parameter...
CVE-2006-1200
Direct static code injection vulnerability in addlink.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the urlname parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement...
CVE-2006-1199
Cross-site scripting XSS vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary web script or HTML via the site parameter...
CVE-2006-1199
Technical details such as affected products/versions, root cause, and fixes are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2006-1200
CVE-2006-1200 describes a direct static code injection in the add_link.txt component of the daverave Link Bank, where the url_name parameter is stored in links.txt without sanitization and later used in an include statement. This enables remote attackers to execute arbitrary PHP code and potentia...
CVE-2006-1200
Direct static code injection vulnerability in addlink.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the urlname parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement...
link bank code execution and xss
——– summary software: Link Bank vendors website: http://daverave.64digits.com/index.php?page=linkbank versions: n/a class: remote status: unpatched exploit: available solution: not available discovered by: retard risk level: high ——– description Link Bank does not sanatise post sumbited to it...