Lucene search
K

484 matches found

NVD
NVD
added 2006/02/04 2:2 a.m.17 views

CVE-2006-0541

Multiple cross-site scripting XSS vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "posting new messages."...

4.3CVSS5.7AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/02/04 2:0 a.m.20 views

CVE-2006-0541

Multiple cross-site scripting XSS vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "posting new messages."...

5.7AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/09/06 4:0 a.m.19 views

CVE-2005-2805

forumpost.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number...

6.7AI score0.01336EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2005/07/05 4:0 a.m.29 views

CVE-2005-2106

Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting...

5CVSS6.2AI score0.03203EPSS
Exploits0References1
NVD
NVD
added 2005/06/09 4:0 a.m.18 views

CVE-2005-1886

Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...

4.3CVSS5.6AI score0.01911EPSS
Exploits1References6
NVD
NVD
added 2005/03/30 5:0 a.m.9 views

CVE-2005-0476

Cross-site scripting XSS vulnerability in hpmguestbook.cgi allows remote attackers to inject arbitrary web script or HTML by posting a message...

4.3CVSS5.7AI score0.00963EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/03/14 12:0 a.m.37 views

[Full-disclosure] 3 XSS Vulnerabilities in Phorum <= 5.0.14

Author: Jon Oberheide [email protected] Date: Sat, March 12th, 2005 Summary ======= Application: Phorum Vendor Website: http://www.phorum.org Affected Versions: = 5.0.14 Type of Vulnerability: Cross Site Scripting XSS About Phorum ============ Phorum is a web based message board written in PHP...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/23 12:0 a.m.123 views

News Server (NNTP) Anonymous Read / Write Access

The remote server seems open to remote users. Some people prefer open public NNTP servers to be able to read or post articles anonymously. Unwanted connections could waste your bandwidth or put you into legal trouble if a malicious person were to use your server to post abusive articles. Keep in...

5.7AI score
Exploits0
FreeBSD
FreeBSD
added 2005/01/18 12:0 a.m.16 views

newsgrab -- insecure file and directory creation

The newsgrab script uses insecure permissions during the creation of the local output directory and downloaded files. After a file is created, permissions on it are set using the mode value of the newsgroup posting. This can potentially be a problem when the mode is not restrictive enough. In...

0.9AI score
Exploits2References2
securityvulns
securityvulns
added 2004/09/08 12:0 a.m.46 views

[XSS] PHP-Nuke 7.4 AddMsg Bug

CODEBUG Labs Advisory 4 Title: Addmsg Bug Author: Pierquinto 'Mantra' Manco Product: PHP-Nuke 7.4 Type: XSS Web: http://www.mantralab.org Add Message Bug - Description PHP-Nuke is a very bugged web CMS, version 7.4 has critical XSS bug that permit to an attacker to post gloabal home-page messages...

Exploits0
Exploit DB
Exploit DB
added 2004/07/21 12:0 a.m.19 views

Mensajeitor Tag Board 1.x - Authentication Bypass

source: https://www.securityfocus.com/bid/10774/info It has been reported that Mensajeitor Tag Board is affected by an authentication bypass vulnerability. This issue is due to a failure of the application to properly handle authentication controls. Successful exploitation of this issue will allo...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/07/21 12:0 a.m.16 views

Mensajeitor Tag Board 1.x - Authentication Bypass

Mensajeitor Tag Board 1.x - Authentication Bypass source: https://www.securityfocus.com/bid/10774/info It has been reported that Mensajeitor Tag Board is affected by an authentication bypass vulnerability. This issue is due to a failure of the application to properly handle authentication control...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/29 12:0 a.m.32 views

WebCT Campus Edition 3.8/4.x - HTML Injection

source: https://www.securityfocus.com/bid/9999/info It has been reported that WebCT Campus Edition may be prone to an HTML injection vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in the browser of an unsuspecting user. A malicious user could supply...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/08/14 12:0 a.m.30 views

ZH2003-24SA (security advisory): ChitChat.NET XSS Vulnerability

ZH2003-24SA security advisory: ChitChat.NET XSS Vulnerability Published: 13 august 2003 Released: 13 august 2003 Name: ChitChat.NET Affected Systems: 2.0 Issue: Remote attackers can inject XSS script Author: [email protected] Vendor: http://clickcess.com/ Description Zone-h Security Team has...

Exploits0
Packet Storm
Packet Storm
added 2003/05/15 12:0 a.m.34 views

posterv2.txt

Hi Guys, This is my first time posting a vulnerability since most of my private research has been done on very small projects, many of which were never released. Anyways, down to the vulnerability: Poster version.two privilege escalation: ======================================== Poster version.tw...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/03/03 12:0 a.m.20 views

[SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor

Security Corporation Security Advisory SCSA-008 PROGRAM: PY-Livredor HOMEPAGE: http://www.py-scripts.com http://www.scripts-php.com VULNERABLE VERSIONS: v1.0 DESCRIPTION PY-Livredor is an easy guestbook script using Php4 and MySql with an administration which allow messages deletion. DETAILS A...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/02/15 12:0 a.m.50 views

FW: Re[2]: SECURITY.NNOV: Kaspersky Antivirus DoS

Dear Symantec - I will rely on the Bugtraq moderator to help steer this process appropriately in the public forum delay post, etc since I am inexperienced in these matters. There appears to possibly be three DoS vulnerabilities in at least one Symantec AntiVirus product. Initial report from Zaraz...

Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-2398

The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter...

5CVSS6.7AI score0.01232EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/04/16 12:0 a.m.18 views

wbboard 1.1.1 Cross Site Scripting Vulnerability

wbboard 1.1.1 Cross Site Scripting Vulnerability - ------------------------- Affected program : wbboard 1.1.1 is a phpBB-like PHP forum Vendor : http://www.woltlab.de/ Vulnerability-Class : Cross Site Scripting CSS OS specific : No Problem-Type : Joke severity : No risk SUMMARY 1.WBBoard allowed ...

6.6AI score
Exploits0
Cvelist
Cvelist
added 2002/01/10 5:0 a.m.20 views

CVE-2002-0008

Bugzilla before 2.14.1 allows remote attackers to 1 spoof a user comment via an HTTP request to processbug.cgi using the "who" parameter, instead of the Bugzillalogin cookie, or 2 post a bug as another user by modifying the reporter parameter to enterbug.cgi, which is passed to postbug.cgi...

6.7AI score0.01855EPSS
Exploits0References9
Rows per page
Query Builder