PT-2026-31398

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /web post.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, user id, log, and time...

EUVD-2004-2138

Malware in sbrugna...

MaxWebPortal 1.3x post.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13601/info MaxWebPortal is affected by multiple remote vulnerabilities. These issues may allow an attacker to carry out cross-site scripting, SQL injection and HTML injection attacks. MaxWebPortal 1.3.5 and prior versions...

ASP-Nuke RC2 存在跨站脚本(CSS/XSS)执行漏洞

BugCVE: CAN-2002-0521 BUGTRAQ: 4477 ASP-Nuke是一款基于WEB的系统架构程序，运行在多种Unix和Linux系统下，也可运行于Windows平台下。 ASP-Nuke对用户输入过滤上存在漏洞，可使远程攻击者利用在论坛上发贴对其他浏览用户进行跨站脚本执行攻击。 ASP-Nuke中的downloads.asp和post.asp在处理用户提供的输入没有过滤相关的脚本代码，攻击者可以构建包含恶意脚本代码的内容提交给连接，当其他用户浏览相关此连接的时候，脚本将在用户的浏览器中执行。攻击者可能借此得到用户基于Cookie的认证信 ASP-Nuke RC2...

CVE-2005-2048

Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the 1 iMsg parameter to messages.asp, iFor parameter to 2 post.asp or 3 forums.asp, or 4 id parameter to userEdit.asp. NOTE: vectors 1 and 3 were...

CVE-2005-1561

CVE-2005-1561 affects MaxWebPortal

CVE-2002-0524

The CVE-2002-0524 entry affects ASP-Nuke RC2 and earlier . The vulnerability arises from error messages that disclose the server’s absolute path when attackers trigger two conditions: (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments. This results...