EUVD-2000-0893

Malware in sbrugna...

moreover.com XSS vulnerability

Vulnerable URL: http://moreover.com/blog/?s=%22%3E%3C/script%3E%3Csvg%20onload=alert%28%27XSSPOSED%27%29;%3E Details: Description| Value ---|--- Patched:| Yes, at 10.03.2017 Latest check for patch:| 10.03.2017 14:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...

Moreover CGI script 0 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1762/info The 'cachedfeed' CGI script supplied by newsfeed vendor Moreover.com contains a file-disclosure vulnerability. The script's 'obtainfile' function, designed to return the contents of a specified file for display ...

CVE-2000-0906

Directory traversal vulnerability in Moreover.com cachedfeed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. dot dot attack on the category or format parameters...

CVE-2000-0906

The CVE-2000-0906 entry concerns Moreover.com’s cached_feed.cgi script (version 4.July.00). The vulnerability is a directory traversal flaw that allows remote attackers to read arbitrary files by supplying a .. (dot dot) payload in the category or format parameters. The available sources (NVD/NVD...

cached_feed.cgi.txt

----------------------------------------------------------- Arbitrary File Disclosure in Moreover.com's CachedFeed.cgi Application: cachedfeed.cgi Vendor: Moreover.com Version: 1.0, Last Updated 4.July.00 Note, the version is implied. They never actually put a version number in the file, just a...