CVE-2011-2919

Cross-site scripting XSS vulnerability in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...

Cross site scripting

Cross-site scripting XSS vulnerability in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...

CVE-2011-2919

CVE-2011-2919 is a cross-site scripting (XSS) vulnerability in Spacewalk 1.6 as used with Red Hat Network Satellite. The issue allows a remote attacker to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page. Connected documents corroborate the vulnerability in R...

CVE-2011-2919

Cross-site scripting XSS vulnerability in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...

ShopXP admin/pinglun.asp SQL注入漏洞

http://bbs.anquan.org/forum.php?mod=viewthread&tid=22021&page=1pid55222漏洞存在于/admin/pinglun.asp 文件 --用户评论 首先看到 引用了xp.asp文件， 这个文件的作用是获取数据库连接对象，继续回到/admin/pinglun.asp 文件， pinglunid=request.QuerySt...

phpcms 2 0 0 7 onunload. inc. php page to an update-type implant is attached using the EXP-bug warning-the black bar safety net

Download a set of phpcms 2 0 0 7 analysis, in the module\movie\onunload. inc. php found a update type of injection. query"UPDATE ". TABLEMOVIESERVER." SET num = num-1 WHERE serverid = $serverid AND num 0 "; ? $serverid is not any filtering and also not enclosed in single quotation marks, so ignor...

Joomla! Component Spider Catalog 1.1 - Product_ID SQL Injection

Joomla! Component Spider Catalog 1.1 - ProductID SQL Injection 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Joomla comspidercatalog SQL injection Vulnerability Dork: inurl:index.php?option=comspidercatalog...

Comm100 Forums Arbitrary Redirect

Date: 8.10.2011 Author: Sony Software Link: http://comm100.com/ Google Dorks: Forum Powered by Comm100 Blog : http://st2tea.blogspot.com .................................................................. Demo: http://hosted.comm100.com/Forum/Default.aspx?siteid=10000 Before:...

freediscussionforums 1.0 - Multiple Vulnerabilities

freediscussionforums 1.0 - Multiple Vulnerabilities ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-14-freediscussionforums-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory...

Ding peaks of the smart forms system across the directory to delete the file vulnerability-vulnerability warning-the black bar safety net

The impact of the system:peak peak smart form systemASP V1. 0 Mini Defective part: elseif Request. QueryString"action"="del" then 'QueryString transmission, not much to say f=Request. QueryString"f" ‘is the QueryString, get“f”variable if f"" then 'determine f whether the null character Set...

EasyPhotoStore Xss / Sql Injection Vulnerability

Exploit for php platform in category web applications ================================================ EasyPhotoStore Xss / Sql Injection Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\...

NCT Jobs Portal Script SQL Injection / Cross Site Scripting

Exploit Title: XSS and Authentication bypass in NCT Jobs Portal Script Date: 24-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in NCT Jobs Portal Script Vendor:http://www.ncrypted.net/ Author:Sid3^effects Description : NCT Jobs Portal script is a web...

NCT Jobs Portal Script - Cross-Site Scripting / Authentication Bypass

Exploit Title: XSS and Authentication bypass in NCT Jobs Portal Script Date: 24-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in NCT Jobs Portal Script Vendor:http://www.ncrypted.net/ Author:Sid3^effects Description : NCT Jobs Portal script is a web...

NCT Jobs Portal Script - Cross-Site Scripting Authentication Bypass

NCT Jobs Portal Script - Cross-Site Scripting Authentication Bypass Exploit Title: XSS and Authentication bypass in NCT Jobs Portal Script Date: 24-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in NCT Jobs Portal Script Vendor:http://www.ncrypted.net/...

Old Y article management system of the injection 0day-vulnerability warning-the black bar safety net

Magic springsB. S. N. hacking Defense Vulnerability rating: moderate Vulnerability description: The vulnerability appears in the js. asp, we first look at the source code. Code: If CheckStrRequest"ClassNo" "" then ClassNo = splitCheckStrRequest"ClassNo","|" 'Here is to get the variable using...

The legend of the ASP Backdoor-vulnerability warning-the black bar safety net

If Request"pwd"=Userpwd or Request"pwd"="hxhack" then Session"mgler"=Userpwd Today saw the ASP to see their collection of a little basic and the code knows it is to see so the sentence there should be excess Look at the code I've never seen such a written Request"pwd"="hxhack” might be too dish u...

CVE-2008-6733

Cross-site scripting XSS vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter...

CVE-2008-6733

Cross-site scripting XSS vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter...

CVE-2005-3579

ts.exe aka ts.cgi in Walla TeleSite 3.0 and earlier allows remote attackers to access arbitrary local files via the querystring...