Lucene search
K

9 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

NooMS 1.1 - smileys.php page_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browse...

7.1AI score
Exploits0
NVD
NVD
added 2008/09/23 3:25 p.m.13 views

CVE-2008-4179

Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...

4.3CVSS5.8AI score0.01535EPSS
Exploits0References5
Prion
Prion
added 2008/09/23 3:25 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...

4.3CVSS6.1AI score0.01535EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2008/09/23 3:25 p.m.17 views

Remote file inclusion

Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the gdbuser parameter and a password in the gdbpwd parameter, and possibly a "localhost" gdbhost parameter value, related to a "Mysql Remote Brute Force...

5CVSS7.5AI score0.01213EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/09/23 3:0 p.m.40 views

CVE-2008-4180

The CVE-2008-4180 entry concerns NooMS 1.1, where a vulnerability in db.php could allow remote brute-force attempts against database passwords using g_dbuser and g_dbpwd parameters, and possibly a localhost value for g_dbhost. The connected sources corroborate an unspecified vulnerability enablin...

5CVSS7AI score0.01213EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/09/23 3:0 p.m.21 views

CVE-2008-4179

Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...

5.8AI score0.01535EPSS
Exploits0References5
Prion
Prion
added 2008/09/22 6:52 p.m.10 views

Open redirect

Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the gsiteurl parameter...

4.3CVSS7.1AI score0.0106EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2008/09/11 12:0 a.m.25 views

nooms-xss.txt

---------------------------------------------------------------- Script : Nooms 1.1 Type : Multiple Vulnerabilities Cross Site Scripting/Redirect/Mysql Brute Force Local Access Risk : Medium ---------------------------------------------------------------- Download From :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/11 12:0 a.m.22 views

Nooms 1.1 - 'smileys.php?page_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Rows per page
Query Builder