Lucene search
K

178 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/01 5:59 a.m.3 views

Cross-site Scripting Vulnerability in JP1/Operations Analytics

Overview A cross-site scripting vulnerability was found in JP1/Operations Analytics. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.1CVSS6.3AI score
Exploits0References2
exploitpack
exploitpack
added 2006/06/16 12:0 a.m.19 views

Ji-takz - Remote File Inclusion

Ji-takz - Remote File Inclusion source: https://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containin...

Exploits0
Exploit DB
Exploit DB
added 2006/06/16 12:0 a.m.24 views

Ji-takz - Remote File Inclusion

source: https://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containing malicious script code execute ...

7AI score
Exploits0
exploitpack
exploitpack
added 2004/09/01 12:0 a.m.14 views

Newtelligence DasBlog 1.x - Request Log HTML Injection

Newtelligence DasBlog 1.x - Request Log HTML Injection source: https://www.securityfocus.com/bid/11086/info DasBlog is reportedly susceptible to an HTML injection vulnerability in its request log. This vulnerability is due to a failure of the application to properly sanitize user-supplied input...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2004/07/17 12:0 a.m.16 views

Gallery 1.4.4 - Remote Server-Side Script Execution

Gallery 1.4.4 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/19 12:0 a.m.244 views

phpBB 2.0.x - 'album_portal.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/10177/info It has been reported that phpBB may be prone to a file include vulnerability that may allow remote attackers to include a remote malicious script to be executed on a vulnerable system...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/10/27 12:0 a.m.26 views

Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8896/info It has been reported that Chi Kien Uong Guestbook may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The problem is reported to present itself due to...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/01 12:0 a.m.24 views

TSguestbook 2.1 - 'Message' HTML Injection

source: https://www.securityfocus.com/bid/8520/info It has been reported that TSguestbook may be prone to HTML injection attacks. The problem is said to occur due to insufficient sanitization of user-supplied input within the 'message' field. As a result, an attacker may post a guestbook entry...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/08/08 12:0 a.m.23 views

PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting

source: https://www.securityfocus.com/bid/8374/info It has been reported that a cross site scripting vulnerability exists in the Downlaods and WebLinks modules of PostNuke. It is possible that an attacker may construct a link containing malicious script code that could be executed in a browser of...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/07/15 12:0 a.m.13 views

Splatt Forum 34 - Post Icon HTML Injection

Splatt Forum 34 - Post Icon HTML Injection source: https://www.securityfocus.com/bid/8198/info Splatt Forum has been reported prone to a HTML injection vulnerability. An attacker may save a Splatt Forum post form, and modify it so that the post icon value contains arbitrary attacker supplied HTML...

7.6AI score
Exploits0
CERT
CERT
added 2002/12/09 12:0 a.m.17 views

Netscape and iPlanet Enterprise Servers fail to sanitize log files before they are displayed using the administration client

Overview IPlanet Enterprise Server and Netscape Enterprise Server versions prior to 4.1. SP12 have a vulnerability involving the rendering of tags embedded in the web logs when viewed through the administration client. Description Requests made to web servers are routinely logged by the web serve...

7.2AI score
Exploits0References2
Cvelist
Cvelist
added 2002/11/21 5:0 a.m.17 views

CVE-2002-1210

Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context...

6.6AI score0.00811EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2002/11/08 12:0 a.m.34 views

Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/10/10 12:0 a.m.10 views

PHPRank 1.8 - add.php Cross-Site Scripting

PHPRank 1.8 - add.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5945/info phpRank is a freely available web site link sharing script. It is available for Unix, Linux, and Microsoft operating systems. It has been reported that phpRank is vulnerable to cross-site scripting...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2002/09/23 12:0 a.m.19 views

HP Compaq Insight Manager - Web Interface Cross-Site Scripting

HP Compaq Insight Manager - Web Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/5780/info It has been reported that the Compaq Insight Manager web interface is prone to cross-site scripting attacks. It is possible to construct a malicious link to a Compaq Insight Manager...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2002/01/09 12:0 a.m.17 views

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting source: https://www.securityfocus.com/bid/3829/info UBB Ultimate Bulletin Board is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000. UBB is prone...

7AI score
Exploits0
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.24 views

CVE-2001-0340

An interaction between the Outlook Web Access OWA service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically...

6.6AI score0.06252EPSS
Exploits0References3
exploitpack
exploitpack
added 2001/06/30 12:0 a.m.22 views

PHP 4.x - SafeMode Arbitrary File Execution

PHP 4.x - SafeMode Arbitrary File Execution source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, an...

Exploits0
Rows per page
Query Builder