12 matches found
EUVD-2011-1671
Malware in sbrugna...
EUVD-2011-4848
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO parameter to 1 index.php and 2 loader.php...
CVE-2011-4938
CVE-2011-4938 affects Ariadne 2.7.6, with multiple XSS vulnerabilities that allow remote injection of arbitrary web script or HTML via PATH_INFO to index.php and loader.php. The vulnerability is caused by improper handling of PATH_INFO inputs, leading to script execution under the context of the ...
Cross-Site Scripting (XSS)
geronimo is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the name, ip, username or description parameters in console/portal/Server/Monitoring, and PATHINFO parameter to the default URI under console/portal/...
myBloggie 2.1.5 index.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
ObieWebsite Mini Web Shop 2 sendmail.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
Tyger Bug Tracking System 1.1.3 Login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize...
myBloggie 2.1.5 login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
CVE-2011-5190
Multiple cross-site scripting XSS vulnerabilities in Social Book Facebook Clone 2010 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO parameter to 1 signup.php, 2 lostpass.php, 3 login.php, 4 index.php, 5 helptos.php, 6 helpcontact.php, or 7 help.php...
CVE-2011-5190
Multiple cross-site scripting XSS vulnerabilities in Social Book Facebook Clone 2010 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO parameter to 1 signup.php, 2 lostpass.php, 3 login.php, 4 index.php, 5 helptos.php, 6 helpcontact.php, or 7 help.php...
CVE-2012-2903
Multiple cross-site scripting XSS vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to group.php, or the 2 targetlanguage or 3 targetflag parameter to translate.php...