801 matches found
PHP-Nuke 8.0 SQL Injection
PHP Nuke v.8.0 referer SQL Injection Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/php-nuke-v80-referer-sql-injection.html Date: May 14, 2009 Package: PHP-Nuke Product homepage: http://phpnuke.org/ Versions Affected: v.8.0 Other versions may also be affected...
Claroline 1.8.11 Cross Site Scripting
Author: Gerendi Sandor Attila Original Advisory: http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html Date: May 05, 2009 Package: Claroline 1.8.11 Product Homepage: http://www.claroline.net/ Versions Affected: v.1.8.11 Other versions may also be affected Severity: Medium...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite 1.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the close parameter to showThumb.aspx; (2) SBredirect and (3) SBfeedback parameters in processsend.asp, as reachable through default.asp; (4) paramCode and (5) cColor...
PT-2009-3647 · Pixie · Pixie Cms
Name of the Vulnerable Software and Affected Versions: Pixie CMS version 1.01a Description: The issue allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request, specifically in the referral function in admin/lib/lib logs.php. Recommendations: For Pixie CMS...
Ubuntu Update for firefox vulnerabilities USN-546-1
Ubuntu Update for Linux kernel vulnerabilities USN-546-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5461.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-546-1 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
CVE-2007-2952
Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attacke...
Stack overflow
Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attacke...
Blue Coat K9 Web Protection buffer overflow
Buffer overflow on Referer header parsing. Buffer overflow on control server response parsing...
CVE-2003-1560
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, allowing remote attackers to read Referer log data and obtain potentially sensitive information. The provided documents do not specify broader impact, affected versions beyond Netscape 4, or concrete remediati...
httpd cross-site scripting flaw in mod_imap
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...
Cross site request forgery (csrf)
The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site...
CVE-2008-1106
The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site...
Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery
Secunia Research 06/06/2008 - Akamai Red Swoosh Cross-Site Request Forgery Vulnerabilities - Table of Contents Affected...
Sun Java System Web Server cross-site scripting vulnerability
Overview Sun Java System Web Server (originally called Sun ONE Web Server) contains a cross-site scripting vulnerability. A vulnerable web server does not adequately validate the HTTP REFERER header before using the contents in the default error page. Impact A malicious script may be executed on th...
Problem with referer header handling on mobile phone web browsers
Overview We have confirmed that web browser products from Openwave Systems Inc. used for the Internet connection service for mobile phones have a problem in its function of sending referer information under certain circumstances. This problem has been reported for KDDI's au mobile phones. KDDI,...
Cross site scripting
Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page...
CVE-2008-2167
Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page...
CVE-2008-2167
ZyXEL ZyWALL 100 is affected by a cross-site scripting (XSS) vulnerability where a crafted Referer header is not properly handled on the 404 error page, allowing remote attackers to inject arbitrary web script or HTML. The available documents identify the affected product and the vulnerability cl...