2732 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in XWiki Watch 1.0 allow remote attackers to inject arbitrary web script or HTML via the rev parameter to 1 bin/viewrev/Main/WebHome and 2 bin/view/Blog, and the 3 registerfirstname and 4 registerlastname parameters to bin/register/XWiki/Register...
CVE-2010-4215
Foswiki 1.1.0 and 1.1.1 are affected by CVE-2010-4215. The flaw resides in UI/Manage.pm, allowing remote authenticated users to escalate privileges by altering the GROUP and ALLOWTOPICCHANGE settings in Main.AdminGroup topic preferences. Evidence from multiple scanners/advisories confirms remote ...
Format string
Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors...
CentOS 5 : NetworkManager / dbus-glib (CESA-2010:0616)
Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2010-2933
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...
Sql injection
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...
CVE-2010-2933
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...
Freelancers Marketplace Script Cross Site Scripting
Name : Freelancers Marketplace Script Persistent XSS Vulnerability Date : july 17,2010 Critical Level : HIGH vendor URL :http://www.guruscript.com/ google dork:Powered by Guruscript.com Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...
Webit CMS - SQL Injection
Webit CMS - SQL Injection ------------------------------------------------------------------------------------------- Webit Cms SQL Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Script Home: http://www.webitcms....
CVE-2009-4839
Multiple cross-site scripting XSS vulnerabilities in Basic Analysis and Security Engine BASE, possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/baseroleadmin.php, 2 admin/baseuseradmin.php, 3 baseconfcontents.php, 4...
CVE-2009-4839
Multiple cross-site scripting XSS vulnerabilities in Basic Analysis and Security Engine BASE, possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/baseroleadmin.php, 2 admin/baseuseradmin.php, 3 baseconfcontents.php, 4...
Police Municipale Open Main Courante 1.01beta Local File Inclusion / Remote File Inclusion
=========================================================================================== Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability =========================================================================================== + Police Municipale Ope...
Police Municipale Open Main Courante 1.01beta (RFI/LFI) Multiple File Include Vulnerability
=========================================================================================== Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability =========================================================================================== + Police Municipale Ope...
Police Municipale Open Main Courante 1.01beta - Local File Inclusion / Remote File Inclusion
=========================================================================================== Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability =========================================================================================== + Police Municipale Ope...
Police Municipale Open Main Courante 1.01beta - Local File Inclusion Remote File Inclusion
Police Municipale Open Main Courante 1.01beta - Local File Inclusion Remote File Inclusion =========================================================================================== Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability...
Police Municipale Open Main Courante 1.01beta (RFI/LFI) File Inc Vuln
Exploit for php platform in category web applications =========================================================================================== Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability...
Jevon CMS Local File Inclusion / Remote File Inclusion
jevoncms LFI/RFI Multiple Vulnerabilities +Title : jevoncms libdir Multiple Vulnerability +Version: - +Download: http://sourceforge.net/projects/jevoncms/files/ +Author: eidelweiss +Contact: eidelweissatcyberservicesdotcom !Thanks To: all friends -= Vuln C0de =- - jevoncms/php/main/jevoncms.php...
68KB Knowledge Base 1.0.0rc3 - Cross-Site Request Forgery (Edit Main Settings)
68KB Knowledge Base 1.0.0rc3 - Cross-Site Request Forgery Edit Main Settings Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF Date: 2010-04-02 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip Version: v1.0.0rc3 escapable'...
68kb Knowledge Base v1.0.0rc3 edit main settings CSRF
Exploit for php platform in category web applications ===================================================== 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF ===================================================== Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF Date:...
openSUSE Security Update : compiz-fusion-plugins-main (compiz-fusion-plugins-main-1990)
The expo plugin in Compiz Fusion allowed local users with physical access to bypass the screen-saver by just dragging it aside. CVE-2008-6514: CVSS v2 Base Score: 6.2 %NASLMINLEVEL 70300 if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502...