26 matches found
EUVD-2005-4331
Malware in sbrugna...
EUVD-2011-4219
Malware in sbrugna...
EUVD-2005-4330
Malware in sbrugna...
CVE-2011-4277
Cross-site scripting XSS vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page...
CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15850/info ProjectForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to ha...
ProjectForum 8.4.2 .1 find Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9271/info It has been reported that ProjectForum may be prone to a denial of service vulnerability that may allow an attacker to cause the server to crash by sending an excessively long string via the 'find' request to th...
CVE-2011-4277
Cross-site scripting XSS vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page...
CVE-2011-4277
CVE-2011-4277 describes a cross‑site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 . The issue allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a wiki page. The available documentation provides the impact as user‑level sc...
CVE-2011-4277
Cross-site scripting XSS vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page...
ProjectForum XSS vulnerability
Overview ProjectForum 7.0.1.3038 and possibly previous versions, are vulnerable to cross site scripting XSS. Description CourseForum's ProjectForum software fails to sanitize all input fields. As a result, cross site scripting XSS attacks can be conducted. By default, a non-credentialed user can...
ProjectForum 7.0.1 3038 - more Object HTML Injection
ProjectForum 7.0.1 3038 - more Object HTML Injection source: https://www.securityfocus.com/bid/49895/info ProjectForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
ProjectForum 7.0.1 3038 - 'more' Object HTML Injection
source: https://www.securityfocus.com/bid/49895/info ProjectForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
Project Forum 6.5.2.2978 Cross Site Request Forgery / Cross Site Scripting
!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...
CVE-2005-4335
ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service crash via a crafted pageid parameter to admin/versions.html...
CVE-2005-4336
Cross-site scripting XSS vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 fwd parameter in admin/adminsignin.html and 2 originalpageid parameter in admin/newpage.html associated with a group...
CVE-2005-4335
ProjectForum 4.7.0 and earlier is affected by a denial-of-service vulnerability triggered by a crafted pageid parameter in admin/versions.html. The entry states remote attackers can crash the application, with CVSS v2 base score 7.8 (HIGH) and network-based vector (AV:N/AC:L/Au:N/C:N/I:N/A:C). Th...
CVE-2005-4336
CVE-2005-4336 describes a Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the parameters (1) fwd in admin/adminsignin.html and (2) originalpageid in admin/newpage.html, associated with a group...
CVE-2005-4335
ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service crash via a crafted pageid parameter to admin/versions.html...
CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/15850/info ProjectForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed ...
CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities
CourseForum Technologies ProjectForum 4.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15850/info ProjectForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...