799 matches found
Unfixed XSS vulnerability at www.oceanario.pt
Security researcher iNs4n3.PT, has submitted on 16/10/2008 a cross-site-scripting XSS vulnerability affecting www.oceanario.pt, which at the time of submission ranked 553003 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is...
Unfixed XSS vulnerability at classificados.iol.pt
Security researcher iNs4n3.PT, has submitted on 16/10/2008 a cross-site-scripting XSS vulnerability affecting classificados.iol.pt, which at the time of submission ranked 2407 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is...
Unfixed XSS vulnerability at pai.pt
Security researcher iNs4n3.PT, has submitted on 16/10/2008 a cross-site-scripting XSS vulnerability affecting pai.pt, which at the time of submission ranked 14740 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is currently...
Unfixed XSS vulnerability at www.chip7.pt
Security researcher 14house, has submitted on 23/08/2007 a cross-site-scripting XSS vulnerability affecting www.chip7.pt, which at the time of submission ranked 25130 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/08/2007. It is currently...
AllMyLinks 0.5.0 - index.php Remote File Inclusion
AllMyLinks 0.5.0 - index.php Remote File Inclusion /\ AllMyLinks 0.5.0 ========================================================= Published : 2007-01-07 Remote: Yes Site: http://download.php-resource.net/AllMyLinks/AllMyLinks0.5.0.zip Author: GolDM Contact: [email protected]...
AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion
/\ AllMyLinks 0.5.0 ========================================================= Published : 2007-01-07 Remote: Yes Site: http://download.php-resource.net/AllMyLinks/AllMyLinks0.5.0.zip Author: GolDM Contact: [email protected] ===================================================== ThanX = All My Friends &...
CVE-2006-4917
Cross-site scripting XSS vulnerability in search.php in PT News 1.7.8 allows remote attackers to inject arbitrary web script or HTML via the pgname parameter...
CVE-2006-4917
CVE-2006-4917 describes a cross-site scripting (XSS) vulnerability in PT News 1.7.8. The issue exists in the search.php component and is exploitable via the pgname parameter, allowing remote attackers to inject arbitrary web script or HTML. Affected software: PT News 1.7.8; vulnerable functionali...
CVE-2006-4917
Cross-site scripting XSS vulnerability in search.php in PT News 1.7.8 allows remote attackers to inject arbitrary web script or HTML via the pgname parameter...
PT News 1.7.8 (Search.php) XSS Vulnerability
PT News 1.7.8 Search.php XSS Vulnerability ----------------------------------------------------------- PT News Version: 1.7.8 Website URL:http://www.openbg.net/ptsite/ ----------------------------------------------------------- Discoved by Snake Unkn0wn Security Researcher The original article ca...
CVE-2006-3929
Cross-site scripting XSS vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40PT.0b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter...
CVE-2006-3929
Affected product: Zyxel Prestige 660H-61 ADSL Router, firmware 3.40(PT.0)b32. Vulnerable component: Forms/rpSysAdmin script. Root cause: XSS via hex-encoded values in parameter a due to improper sanitization. Impact: remote attacker can execute arbitrary script in the victim’s browser (cross-site...
PT-2006-3529 · Nucleus · Nucleus
Name of the Vulnerable Software and Affected Versions: Nucleus versions 3.22 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSDIR LIBS parameter in the nucleus/libs/PLUGINADMIN.php file. Recommendations: For versions 3.22 and earlier...
PT-2006-2224 · Sergey Korostel · Sergey Korostel Php Upload Center
Name of the Vulnerable Software and Affected Versions: Sergey Korostel PHP Upload Center affected versions not specified Description: The issue allows remote attackers to execute arbitrary PHP code by uploading a file with a name that ends in a .php.li extension. This file can then be accessed fr...
PT News Unauthorized Administrative Access
The remote host is using the PT News management system. There is a flaw in this version which allows anyone to execute arbitrary admnistrative PTnews command on this host such as deleting news or editing a news without having to know the administrator password. An attacker may use this flaw to ed...
CVE-2000-0275
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user PIN in the .PDB. An attacker with access to the .PDB can crack the PIN and generate valid PT-1 tokens. Affected product: CryptoAdmin for PalmOS. Root cause: weak PIN storage encryption. Impact: local attacker could access toke...
PT-1999-1174
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned. Description The issue is related to Anonymous FTP being enabled. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-1999-1208 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A filter in a router or firewall allows unusual fragmented packets. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...
PT-2004-3668 · Debian +1 · Debian +1
Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux kernel-image-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux...