18 matches found
EUVD-2007-5410
Malware in sbrugna...
EUVD-2008-0219
Malware in sbrugna...
PRO-Search 0.17 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27126/info PRO-Search is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
CVE-2008-0199
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the showpage and time parameters to the default URI...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PRO-Search 0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prot, 2 host, 3 path, 4 name, 5 ext, 6 size, 7 searchdays, or 8 showpage parameter to the default URI...
Default credentials
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the showpage and time parameters to the default URI...
CVE-2008-0207
Multiple cross-site scripting XSS vulnerabilities in PRO-Search 0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prot, 2 host, 3 path, 4 name, 5 ext, 6 size, 7 searchdays, or 8 showpage parameter to the default URI...
CVE-2008-0199
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the showpage and time parameters to the default URI...
CVE-2008-0207
CVE-2008-0207 affects PRO-Search 0.17 and earlier, which contains multiple reflected XSS vulnerabilities in the default URI. The payloads can be injected through the query parameters: prot, host, path, name, ext, size, search_days, and show_page, enabling remote script or HTML execution in a user...
CVE-2008-0199
PRO-Search 0.17 and earlier is affected. The vulnerability is triggered by certain values of the show_page and time parameters in the default URI, allowing remote attackers to cause a denial of service. The reported impact is partial availability disruption; no exploits, vectors, fixes, or affect...
CVE-2008-0207
Multiple cross-site scripting XSS vulnerabilities in PRO-Search 0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prot, 2 host, 3 path, 4 name, 5 ext, 6 size, 7 searchdays, or 8 showpage parameter to the default URI...
PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27126/info PRO-Search is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
PRO-Search 0.17 - index.php Multiple Cross-Site Scripting Vulnerabilities
PRO-Search 0.17 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27126/info PRO-Search is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
Vulnerabilities in PRO-search
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting и Denial of Service уязвимостях в PRO-search. XSS: Уязвимости на главной странице в параметрах prot, host, path, name, ext, size, searchdays, showpage. http://site/?prot=223E3Cscript3Ealertdocument.cookie3C/script3E...
Cross site scripting
Cross-site scripting XSS vulnerability in PRO-search 0.17.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI...
CVE-2007-5434
The CVE-2007-5434 entry describes a cross-site scripting (XSS) vulnerability in PRO-search versions up to 0.17.1, where an attacker can inject arbitrary script or HTML via the q parameter to the default URI. The issue stems from unsanitized user input in the query parameter, enabling remote scrip...
CVE-2007-5434
Cross-site scripting XSS vulnerability in PRO-search 0.17.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI...
Vulnerability in PRO-search
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в PRO-search. XSS: Уязвимость на главной странице в параметре q. http://site/?q=223E3Cscript3Ealertdocument.cookie3C/script3E Дополнительная информация о данной уязвимости у меня на сайте:...