28 matches found
EUVD-2014-2076
Malware in sbrugna...
EUVD-2009-2775
Malware in sbrugna...
EUVD-2010-3425
Malware in sbrugna...
CVE-2010-3427
Multiple cross-site scripting XSS vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 desc, 2 price, 3 title, and 4 place parameters to index.php and the 5 subject parameter to contact.htm, related to content/contact.php...
Cross-Site Scripting (XSS) in Open Classifieds
Advisory ID: HTB23204 Product: Open Classifieds Vendor: Open Classifieds Team Vulnerable Versions: 2-2.1.2 and probably prior Tested Version: 2-2.1.2 Advisory Publication: February 19, 2014 without technical details Vendor Notification: February 19, 2014 Vendor Patch: February 20, 2014 Public...
CVE-2014-2024
Cross-site scripting XSS vulnerability in classes/controller/error.php in Open Classifieds 2 before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to shared-apartments-rooms/...
CVE-2014-2024
Cross-site scripting XSS vulnerability in classes/controller/error.php in Open Classifieds 2 before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to shared-apartments-rooms/...
Cross site scripting
Cross-site scripting XSS vulnerability in classes/controller/error.php in Open Classifieds 2 before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to shared-apartments-rooms/...
CVE-2014-2024
Cross-site scripting XSS vulnerability in classes/controller/error.php in Open Classifieds 2 before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to shared-apartments-rooms/...
CVE-2014-2024
The CVE-2014-2024 issue is a real XSS in Open Classifieds 2.x (pre-2.1.3), caused by insufficient sanitisation of user data in the URI to /shared-apartments-rooms/. Open Classifieds 2-2.1.2 (and prior) are affected; a crafted link can execute arbitrary HTML/script in the context of a logged-in us...
Open Classifieds跨站脚本漏洞
CVE ID:CVE-2014-2024 Open Classifieds可以用来创建分类和目录。 由于没有充分过滤通过URI传递到"/shared-apartments-rooms/" URL的用户提供的数据,远程攻击者可以利用漏洞欺骗登录用户访问恶意链接,并在受影响网站上下文的浏览器中执行任意HTML和脚本代码。 0 Open Classifieds 2-2.1.2 厂商补丁: Open Classifieds ----- Open Classifieds 2-2.1.3版本以修复此漏洞,建议用户下载使用:...
Open Classifieds 2-2.1.2 Cross Site Scripting Vulnerability
Open Classifieds version 2-2.1.2 suffers from a cross site scripting vulnerability. Product: Open Classifieds Vendor: Open Classifieds Team Vulnerable Versions: 2-2.1.2 and probably prior Tested Version: 2-2.1.2 Advisory Publication: February 19, 2014 without technical details Vendor Notification...
Open Classifieds 2-2.1.2 Cross Site Scripting
Advisory ID: HTB23204 Product: Open Classifieds Vendor: Open Classifieds Team Vulnerable Versions: 2-2.1.2 and probably prior Tested Version: 2-2.1.2 Advisory Publication: February 19, 2014 without technical details Vendor Notification: February 19, 2014 Vendor Patch: February 20, 2014 Public...
Cross-Site Scripting (XSS) in Open Classifieds
High-Tech Bridge Security Research Lab discovered vulnerability in Open Classifieds, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Open Classifieds: CVE-2014-2024 The vulnerability exists due to insufficient sanitisation of user-supplied data...
Open Classifieds 1.7.2 Cross Site Scripting
-------------------------------------------------------------------- + Title : Open classifieds 1.7.2 Xss Vulnerability + Name : Open classifieds + Affected Version : v1.7.2 + Software Link : http://open-classifieds.com/ + Tested on : Vista & Windows Xp and Windows 7 + Date : 23/08/2011 + Dork :...
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/49292/info Open Classifieds is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues t...
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49292/info Open Classifieds is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an...
HTB22980: XSRF (CSRF) in Open Classifieds
Vulnerability ID: HTB22980 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenclassifieds.html Product: Open Classifieds Vendor: Open Classifieds Team http://www.open-classifieds.com/ Vulnerable Version: 1.7.1.1 and probably prior versions Vendor Notification: 28 April 2011 Vulnerability...
Open Classifieds 1.7.1.1 Cross Site Request Forgery
Vulnerability ID: HTB22980 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenclassifieds.html Product: Open Classifieds Vendor: Open Classifieds Team http://www.open-classifieds.com/ Vulnerable Version: 1.7.1.1 and probably prior versions Vendor Notification: 28 April 2011 Vulnerability...
Cross-site Request Forgery (CSRF) in Open Classifieds
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Open Classifieds which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Open Classifieds The vulnerability exists due to insufficient validation of the request origin in...