261 matches found
Jira Enterprise 4.0.1 - Multiple Low Risk Vulnerabilities
Jira - Multiple Low Risk Vulnerabilities Versions Affected: 4.0.1 other versions were not checked. Info: JIRA provides issue tracking and project tracking for software development teams to improve code quality and the speed of development. and so forth. External Links:...
Jira 4.0.1 Cross Site Scripting
Jira - Multiple Low Risk Vulnerabilities Versions Affected: 4.0.1 other versions were not checked. Info: JIRA provides issue tracking and project tracking for software development teams to improve code quality and the speed of development. and so forth. External Links:...
DBHcms 1.1.4 - Persistent Cross-Site Scripting
DBHcms 1.1.4 - Persistent Cross-Site Scripting Title: DBHcms 1.1.4 Stored XSS Vendor: http://www.drbenhur.com Dork: "powered by DBHcms" AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...
DBHcms 1.1.4 - Persistent Cross-Site Scripting
Title: DBHcms 1.1.4 Stored XSS Vendor: http://www.drbenhur.com Dork: "powered by DBHcms" AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability50.htm Thanks: r3dm0v3...
Chilly CMS <= 1.03 Non Persistent XSS Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== Chilly CMS 'alert"EgoPL says: I'm a XSS" http://localhost:80/chillyCMS/admin/login.site.php?user='alert"EgoPL says: I'm a XSS" 0day.today 2018-04-14...
BitWeaver <= 2.7 Non Persistent XSS Vulnerability
Exploit for unknown platform in category web applications ================================================= BitWeaver "alert"EgoPL says: I'm a XSS" There are more XSS fo...
Alkakon OpenCms 7.5.2 and below non persistent XSS
Exploit for unknown platform in category web applications ================================================== Alkakon OpenCms 7.5.2 and below non persistent XSS ================================================== Exploit Title: Alkakon OpenCms 7.5.2 and below non persistent XSS. Author: EgoPL...
ProCheckUp Security Advisory 2009.19
PR09-19: Cross-Site Scripting XSS on CommonSpot server Vulnerability found: 17th December 2009 Vendor informed: 18th December 2009 Severity: Medium Successfully tested on: Commonspot server http://www.paperthin.com/ Description: Commonspot server is vulnerable to a vanilla XSS Vulnerable...
CGI Generic XSS (quick test)
The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. These...
NovaBoard <= 1.0.1 / XSS Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard = 1.0.1 / XSS Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: NovaBoard $ Version: = 1.0.1 $ File affected: index.php $ Download: http://www.novaboard.net/ Found by Pepelux pepeluxatenye-sec.org eNYe-Sec - www.enye-sec.org -- About...
Novaboard 1.0.1 - Cross-Site Scripting
Novaboard 1.0.1 - Cross-Site Scripting -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard eNYe-Sec - www.enye-sec.org -- About the program by the author's page -- NovaBoard is a free, feature rich community message board software written in PHP & MySQL that allows you to set up your own forum withi...
metrica-xss.txt
Metrica Service Assurance Multiple Cross Site Scripting Author: Francesco Bianchino Email: [email protected] Title: Metrica Service Assurance Multiple Cross Site Scripting Vendor: IBM Summary Metrica Service Assurance Framework implements a distributed, object-oriented, J2EE-based architectur...
PR07-44: XSS on RSA Authentication Agent login page
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PR07-44: XSS on RSA Authentication Agent login page Vulnerability found: 5th December 2007 Vendor informed: 13th December 2007 Severity: Medium-high Successfully tested on: RSA Authentication Agent 5.3.0.258 for Web for Internet Information Services...
eforum-xss.txt
eForum v0.4 - NON-PERSISTENT XSS by Omni 1 Infos --------- Date : 2008-03-05 Product : eForum Version : v 0.4 Vendor : http://www.phpbrasil.com/scripts/script.php/id/169 Vendor Status : 2008-03-18 Not Informed! 2008-03-18 Published! Description : eForum is an easy-to-install discussion board that...
Two XSS on Blue Coat ProxySG Management Console
PR07-29: Two XSS on Blue Coat ProxySG Management Console Vulnerability found: 23 July 2007 Vendor informed: 20 August 2007 Vulnerability fixed: 29 October 2007 Advisory publicly released: 1 November 2007 Severity: Medium Description: Blue Coat SG400 is vulnerable to a couple of XSS holes...
eqdkp-xss.txt
In listmembers.php, $show fails to properly sanitize user-supplied input. It's non persistent XSS :-/ Example: $path-to-eqdkp/listmembers.php?show=%22%3E%3Cplaintext%3E kefka kefka at kevinbeardsucks.com...
sinecms-xss.txt
. . . . | . .| . .;/ || Infos --------- Date : 2007-04-26 ISO 8601 Product : SineCms Version : 2.3.4 last, prior versions may also be affected Vendor : http://sourceforge.net/projects/sine - http://www.sinecms.net Vendor Status : 2007-04-26 - Informed! Description : SineCms is a management...
SineCMS
. . . . | . .| . .;/ || .| .net | .| "SineCms Version 2.3.4 - Non-Persistent XSS Vulnerability" by Nexus 1 Infos --------- Date : 2007-04-26 ISO 8601 Product : SineCms Version : 2.3.4 last, prior versions may also be affected Vendor : http://sourceforge.net/projects/sine - http://www.sinecms.net...
FreeBSD : pubcookie-login-server -- XSS vulnerability (855cd9fa-c452-11da-8bff-000ae42e9b93)
"Nathan Dors of the Pubcookie Project reports : Multiple non-persistent XSS vulnerabilities were found in the Pubcookie login server's compiled binary 'index.cgi' CGI program. The CGI program mishandles untrusted data when printing responses to the browser. This makes the program vulnerable to...
aklink-sa-2006-001-jsboard-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================ ||| Security Advisory AKLINK-SA-2006-001 ||| ||| CAN-2006-2109 CVE candidate ||| ============================================ JSBoard - Cross Site Scripting Attack ===================================== Date...