EUVD-2007-4059

Malware in sbrugna...

Reddit: XSS via Mod Log Removed Posts

Summary: I have discovered an XSS vulnerability regarding the mod notes feature. Specifically, the XSS payload executes when the victim removes a post in a subreddit and opens up the mod notes of the attacker. Steps To Reproduce: 1. The attacker creates a new post with the title containing the XS...

Sql injection

Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attackers to execute arbitrary SQL commands via the 1 productid or 2 catid parameter in a product mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

CVE-2007-4075

Cross-site scripting XSS vulnerability in index.asp in Alisveris Sitesi Scripti allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2007-4076

Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attackers to execute arbitrary SQL commands via the 1 productid or 2 catid parameter in a product mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...