23 matches found
EUVD-2006-2877
Malware in sbrugna...
EUVD-2006-0714
Malware in sbrugna...
PyBlosxom 1.6.3 Atom Flavor Multiple XML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33676/info PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied XML and...
FreeBSD : pyblosxom -- atom flavor multiple XML injection vulnerabilities (b07f3254-f83a-11dd-85a4-ea653f0746ab)
Security Focus reports: PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied XML and script code would run in the context of the affected browser,...
FreeBSD Ports: pyblosxom
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: pyblosxom
The remote host is missing an update to the system as announced in the referenced advisory. VID b07f3254-f83a-11dd-85a4-ea653f0746ab OpenVAS Vulnerability Test $ Description: Auto generated from VID b07f3254-f83a-11dd-85a4-ea653f0746ab Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
[BMSA-2009-02] XML injection in PyBlosxom
BLUE MOON SECURITY ADVISORY 2009-02. Title: XML Injection in PyBlosxom. Severity: Low. Reporter: Blue Moon Consulting. Products: PyBlosxom v1.4.3. Fixed in: --. Description: PyBlosxom is a lightweight file-based weblog system. The project started as a...
pyblosxom -- atom flavor multiple XML injection vulnerabilities
Security Focus reports: PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied XML and script code would run in the context of the affected browser,...
PyBlosxom 1.6.3 Atom Flavor - Multiple XML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/33676/info PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied XML and script code would run in the context...
PyBlosxom 1.6.3 Atom Flavor - Multiple XML Injection Vulnerabilities
PyBlosxom 1.6.3 Atom Flavor - Multiple XML Injection Vulnerabilities source: https://www.securityfocus.com/bid/33676/info PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields...
CVE-2006-2880
Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields...
CVE-2006-2880
CVE-2006-2880 describes a Cross-site scripting (XSS) vulnerability in the PyBlosxom Contributed Packages, affecting version 1.2.2 and earlier. The flaw resides in the Comments plugin, where user-supplied input in the url and author fields can be interpreted as HTML/script by the web application, ...
CVE-2006-2880
Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields...
[SA20436] PyBlosxom Contributed Packages Cross-Site Scripting Vulnerability
Design/Logic Flaw
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable...
CVE-2006-0707
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable...
CVE-2006-0707
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable...
CVE-2006-0707
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable...
CVE-2006-0707
CVE-2006-0707 affects PyBlosxom before 1.3.2. On certain web servers, a crafted HTTP request with multiple leading slashes (PATH_INFO) allows remote attackers to read arbitrary files. The vulnerability stems from how PATH_INFO is interpreted by the application, enabling a path traversal-like acce...