Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting

Exploit Title: Winn Guestbook v2.4.8c Stored XSS Date: 12/29/11 Author: G13 Software Link: http://code.google.com/p/winn-guestbook/, http://www.winn.ws Version: 2.4.8c Category: webapps php CVE: 2011-5026 Vulnerability There is no sanitation on the input of the name variable. This allows maliciou...

Ubuntu Update for thunderbird USN-1254-1

Ubuntu Update for Linux kernel vulnerabilities USN-1254-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12541.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1254-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...

Ubuntu: Security Advisory (USN-1251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1251-1)

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the Mozill...

Barracuda Archiver 650 - Input Validation Vulnerability

Document Title: =============== Barracuda Archiver 650 - Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=34 Release Date: ============= 2011-11-03 Vulnerability Laboratory ID VL-ID: ==================================== 34...

Debian: Security Advisory (DSA-2291-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Seeker Advisory Sep11: Reflected Cross Site Scripting in Microsoft SharePoint Portal

Seeker Research Center Security Advisory This vulnerability was discovered by Seeker® Automatic Run-Time Application Security Testing Solution Disclosed By Irene Abezgauz, September 13th, 2011 ========= I. Overview ========= A Cross Site Scripting vulnerability has been identified in Microsoft...

Open Classifieds 1.7.2 Cross Site Scripting

-------------------------------------------------------------------- + Title : Open classifieds 1.7.2 Xss Vulnerability + Name : Open classifieds + Affected Version : v1.7.2 + Software Link : http://open-classifieds.com/ + Tested on : Vista & Windows Xp and Windows 7 + Date : 23/08/2011 + Dork :...

Microsoft Patches Hotmail Security Vulnerability !

Microsoft recently patched a Hotmail security flaw that enabled attackers to access a user's e-mails and contacts. "The vulnerability was actively being exploited using emails that contained malicious scripts, Trend Micro researcher Karl Dominguez said Monday," writesThe Register's Dan Goodin...

Seo Panel Multiple Cross-site Scripting (XSS) Vulnerabilities

Seo Panel is prone to multiple Cross- site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MS KB2501696: Vulnerability in MHTML Could Allow Information Disclosure

A flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. An attacker, exploiting this flaw, could cause a victim to run malicious scripts when visiting various websites, resulting in information disclosure. %NASLMINLEVEL 999999 C Tenable Network...

Inout Webmail Script Persistent XSS Vulnerability

Exploit for php platform in category web applications Name :inoutwebmail Persistent Xss Vulnerability Date : Dec,20 2010 Vendor Url :http://www.inoutscripts.com/ Author : Sid3^effects aKa HaRi Big hugs : Th3 RDX,Hananbutt, special thanks to : r0073r inj3ct0r.com,L0rd...

Inout Webmail Script - Persistent Cross-Site Scripting

Name :inoutwebmail Persistent Xss Vulnerability Date : Dec,20 2010 Vendor Url :http://www.inoutscripts.com/ Author : Sid3^effects aKa HaRi Big hugs : Th3 RDX,Hananbutt, special thanks to : r0073r inj3ct0r.com,L0rd...

XSS vulnerability in Confluence Space Names

We have identified and fixed a cross-site scripting XSS vulnerability in Confluence Space Names. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An attacker's te...

WebsiteKit Gbplus - 'Name' / 'Body' HTML Injection

source: https://www.securityfocus.com/bid/42842/info Gbplus is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run ...

Open Realty 2.x and 3.x Persistent XSS Vulnerability

Exploit for php platform in category web applications ==================================================== Open Realty 2.x and 3.x Persistent XSS Vulnerability ==================================================== Author: K053 Date: 2010-7-24 Hompage: http://open-realty.org Download Link:...

Joomla Component com_mls_teams Persistent XSS Vulnerability

Exploit for php platform in category web applications =========================================================== Joomla Component commlsteams Persistent XSS Vulnerability ===========================================================...

Firefox + NoScript

NoScript for Firefox is an open-source add-on that pre-emptively blocks malicious scripts and allows JavaScript, Java and other potentially dangerous content only from sites you trust. Because Firefox does not have easily-configured security zones like Internet Explorer, NoScript is needed to...

Joomla AWD Song Cross Site Scripting

================================================ Joomla comawdsong persistent xss Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /...

Joomla Component com_jesectionfinder Upload Vulnerability

Exploit for php platform in category web applications ======================================================== Joomla JE Property Finder Component Upload Vulnerability ========================================================...