EUVD-2007-6104

Malware in sbrugna...

PHPSlideShow 0.9.9 Directory Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a...

Zinkwazi PHPSlideShow Multiple Vulnerability

Exploit for php platform in category web applications ============================================ Zinkwazi PHPSlideShow Multiple Vulnerability ============================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...

New Cross-Site Scripting vulnerability in PHPSlideshow

Здравствуйте 3APA3A! Сообщаю вам о найденной мною новой Cross-Site Scripting уязвимости в PHPSlideshow. XSS: http://site/phpslideshow.php?directory=3Cscript3Ealertdocument.cookie3C/script3E: Уязвимы PHPSlideshow 0.9.9.3 и предыдущие версии. Дополнительная информация о данной уязвимости у меня на...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHPSlideshow: crossite scripting...

Cross-Site Scripting vulnerability in PHPSlideshow

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в PHPSlideshow. XSS: Уязвимость в index.php в параметре directory. http://site/slideshow/index.php?directory='3E3Cscript3Ealertdocument.cookie3C/script3E Потенциально уязвимы все версии PHPSlideshow. Дополнительная...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHPSlideshow: crossite scripting...

PHPSlideShow XSS Update

Vendor Site: http://www.zinkwazi.com/wp/scripts/ Version affected: 0.9.9.2 URL:http://www.example.com/scripts/demo/phpslideshow.php?directory=photos BID ref: 26576 By Jose Luis Gуngora Fernбndez PHPSlideShow is also susceptible the following inputs:...

Cross site scripting

Cross-site scripting XSS vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific...

CVE-2007-6135

Cross-site scripting XSS vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific...

CVE-2007-6135

Cross-site scripting XSS vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific...

CVE-2007-6135

PHPSlideShow 0.9.9.2 contains a Cross-site Scripting (XSS) vulnerability in phpslideshow.php, exploitable via the directory parameter. The issue, originally noted for toonchapter8.php, allows remote attackers to inject arbitrary web script or HTML. The available data describe the vulnerable compo...

phpslideshow-xss.txt

PHPSlideShow toonchapter8.php Cross-Site Scripting Vulnerability Download: http://fmdeluxe.com/ Bug found by Jose Luis Góngora Fernández / JosS Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure d0rk: "Powered by PHPSlideShow"...

PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability

PHPSlideShow toonchapter8.php Cross-Site Scripting Vulnerability Download: http://fmdeluxe.com/ Bug found by Jose Luis Gуngora Fernбndez / JosS Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure d0rk: "Powered by PHPSlideShow"...

PHPSlideShow 0.9.9 - 'Directory' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's browser session in the conte...

PHPSlideShow 0.9.9 - Directory Cross-Site Scripting

PHPSlideShow 0.9.9 - Directory Cross-Site Scripting source: https://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or...