EUVD-2008-6407

Malware in sbrugna...

phpFreeForum 1.0 rc2 - error.php message Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

phpFreeForum 1.0 rc2 - part/menu.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 message parameter to error.php, and the 2 nickname and 3 randomid parameters to part/menu.php...

CVE-2008-6437

Multiple cross-site scripting XSS vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 message parameter to error.php, and the 2 nickname and 3 randomid parameters to part/menu.php...

CVE-2008-6437

Multiple cross-site scripting XSS vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 message parameter to error.php, and the 2 nickname and 3 randomid parameters to part/menu.php...

CVE-2008-6437

CVE-2008-6437 concerns multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1.0 RC2 and earlier. The issues allow remote attackers to inject arbitrary web script or HTML via the message parameter to error.php, and via the nickname and randomid parameters to part/menu.php. Affected ...

PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability

========================================================== PHPFreeForum = 1.0 RC2 Remote XSS Vulnerability ========================================================== AUTHOR : CWH Underground DATE : 21 May 2008 SITE : www.citec.us APPLICATION : PHPFreeForum VERSION : 1.0 RC2 VENDOR :...

PHPFreeForum 1.0 rc2 - error.php?message Cross-Site Scripting

PHPFreeForum 1.0 rc2 - error.php?message Cross-Site Scripting source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

PHPFreeForum 1.0 rc2 - 'error.php?message' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

PHPFreeForum 1.0 rc2 - partmenu.php Multiple Cross-Site Scripting Vulnerabilities

PHPFreeForum 1.0 rc2 - partmenu.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage thes...

phpfreeforum-xss.txt

========================================================== PHPFreeForum - http://target/phpfreeforumpath/html/part/menu.php?nickname= - http://target/phpfreeforumpath/html/part/menu.php?randomid= Example for XSS : alert123; . Greetz: ZeQ3uL,BAD $ectors, Snapter, Conan, Win7dos, JabAv0C...

PHPFreeForum 1.0 rc2 - '/part/menu.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...