7808 matches found
Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability
The host is running Microsoft IIS Webserver and is prone to stack based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmsiisbofvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 201...
Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability (MS10-065) - Active Check
Microsoft IIS Webserver is prone to a stack based buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
XMB 1.9.11 Cross Site Request Forgery
...
phpcrs <= 3.Za / Local File Inclusion Vulnerability
Exploit for php platform in category web applications =================================================== phpcrs Software Link: http://sourceforge.net/projects/phpcrs/ Version: eNYe-Sec - www.enye-sec.org --Bug -- 123. elseif isset$POST'btnStartImport' 124...
Cross-site Scripting (XSS) Vulnerability in AChecker
High-Tech Bridge SA Security Research Lab has discovered vulnerability in AChecker which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AChecker: CVE-2010-3455 The vulnerability exists due to input sanitation error in the "uri" parameter in...
Cross-site Scripting (XSS) Vulnerabilities in ATutor
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ATutor which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ATutor The vulnerability exists due to input sanitation error in the "cid" parameter in...
DEBIAN-CVE-2010-3055
The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...
CVE-2010-3055
The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...
Cross site request forgery (csrf)
The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...
CVE-2010-3055
CVE-2010-3055 affects phpMyAdmin 2.11.x before 2.11.10.1. The configuration setup script (scripts/setup.php) does not properly restrict key names in its output file, enabling a remote attacker to execute arbitrary PHP code via a crafted POST request. The issue, with a CVSS v2 base score of 7.5 (H...
CVE-2010-3055
The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...
CVE-2010-3055
The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...
Multiple Vulnerabilities in SantaFox
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SantaFox which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in SantaFox: CVE-2010-3463 The vulnerability exists due to input...
Open-Realty index.php select_users_lang Parameter Traversal Local File Inclusion
The web server hosts Open-Realty, a web-based real estate listing management application written in PHP. At least one install of Open-Realty on the remote host fails to sanitize user-supplied input to the 'selectuserslang' parameter in POST requests to the 'index.php' script before using it to...
Novell iManager Class Name Remote Buffer Overflow (CVE-2010-1929)
Novell iManager is a web-based administration console that provides management of many other Novell products. The iManager service itself is a Java web application running on top of the Tomcat application container. A buffer overflow vulnerability exists in Novell iManager. The vulnerability is d...
chillyCMS 1.1.3 Cross Site Request Forgery
input type="hidden...
dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Remote Code Execution via Cross-Site Scripting / DotDefender = 3.8-5 No Authentication Remote Code Execution Through XSS Tested on DotDefender 3.8-5 On Ubuntu Server 9.10 64-bit with Firefox 3.6.3 Paul Hand aka rAWjAW AT offsec.com Original Post-Authentication Remote Command...
Multiple Cross-site Scripting (XSS) Vulnerabilities in Spitfire
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Spitfire 1.1 The vulnerability exists due to input sanitation error in the "cmsid" and...
Star outside the virtual host management system brush money vulnerability+injection vulnerability-vulnerability warning-the black bar safety net
Test station: http://www.. com/ Register for an account, for example: test Visit: http://www.. com/netpay/ips/ Enter your username and amount of recharge. For example: test 1 $ 0 Point the next step will be to generate you an order number. Such as 7 2 2 9 7 8 Remember it Parameter structure:...
Multiple Vulnerabilities in Pixie
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...