14 matches found
EUVD-2002-0947
Malware in sbrugna...
EUVD-2002-2402
Malware in sbrugna...
EUVD-2006-3976
Malware in sbrugna...
CVE-2002-2424
Cross-site scripting XSS vulnerability in PHPReactor 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag...
PHPReactor 1.2.7 pl1 Browse.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5939/info phpReactor is prone to cross-site scripting attacks. An attacker may create a malicious link to a phpReactor site which contains malicious HTML and script code. If this link is visited by a web user, the...
CVE-2002-2424
The CVE-2002-2424 entry describes a Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1, where remote attackers can inject arbitrary web script or HTML through Javascript placed in the style attribute of an HTML tag. The available details identify the affected product and version a...
CVE-2007-3066
CVE-2007-3066 involves multiple PHP remote file inclusion flaws in php(Reactor) versions up to and including 1.2.7, where remote attackers can trigger arbitrary PHP code execution by supplying a URL for pathtohomedir to files in inc/ (notably view.inc.php, users.inc.php, updatecms.inc.php, and po...
CVE-2006-3983
PHP remote file inclusion vulnerability in editprofile.php in phpReactor 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter...
CVE-2002-0958
Cross-site scripting vulnerability in browse.php for PHPReactor 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section...
CVE-2002-0958
Technical details about CVE-2002-0958 are not publicly provided in the connected documents. No additional information on affected products, versions, root cause, exploit status, or fixes is available here. Monitor for updates from official sources.
CVE-2002-2424
Cross-site scripting XSS vulnerability in PHPReactor 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag...
XSS bug in php(Reactor)
Vulnerable systems: 1.2.7pl1 Exploit: forums/browse.php?fid=3&tid=46&go=scriptJavaScript:alert 'Hi';/script with out "" Solution: i thought this but i am not sure open browse.php and add this code in line 52: $go = HTMLSpecialChars$go; $go = PREGReplace"/A-Z&.;:!@$^''//i", "", $go;...
CVE-2002-0958
Cross-site scripting vulnerability in browse.php for PHPReactor 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section...
[ARL02-A12] PHP(Reactor) Cross Site Scripting Vulnerability
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A12 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : phpReactor Cross Site Scripti...