
4 matches found

securityvulns
added 2006/05/27 12:0 a.m. | 43 views

PHP AGTC-Membership system <= v1.1a XSS

PHP AGTC-Membership system <= v1.1a XSS. Discovered by: Nomenumbra. Date: 23/5/2006. Impact: moderate privilege escalation, possible defacement. Ordinary users can add users to the user management system as well, or change their own email address, which isn't properly sanitized, thus allowing XSS as...

AI score: 3
Exploits: 0

securityvulns
added 2006/05/25 12:0 a.m. | 29 views

Chatty improper input sanitizing

Chatty improper input sanitizing. Discovered by: Nomenumbra. Date: 21/5/2006. Impact: moderate possible defacement. Chatty is a PHP-based chat script allowing users to chat over the web. Subscribing with a username like this: scriptalert22xss22/script would cause major xss in the chatroom. Nomenumbra...

AI score: 3.2
Exploits: 0

securityvulns
added 2006/05/07 12:0 a.m. | 20 views

VisionSource CMS <= 0.6 XSS vectors

VisionSource CMS <= 0.6 XSS vectors. Discovered by: Nomenumbra. Date: 5/4/2006. Impact: moderate privilege escalation, possible defacement. No data inside the user's profile is filtered, thus allowing them to embed malicious XSS vectors to potentially steal cookies. Nomenumbra/0x4F4C...

AI score: 5.6
Exploits: 0

securityvulns
added 2006/05/03 12:0 a.m. | 27 views

SF-Users V1.0 XSS injection

SF-Users V1.0 XSS injection. Discovered by: Nomenumbra. Date: 5/2/2006. Impact: moderate privilege escalation, possible defacement. The username with which you sign up isn't properly sanitized so it's possible to insert some javascript there. The single quote is filtered so we'll have to use ' or 27. A...

AI score: 2.4
Exploits: 0