DEBIAN-CVE-2006-3810

Cross-site scripting XSS vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapperwindow.Function construct...

security flaw

Cross-site scripting XSS vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapperwindow.Function construct...

mospray.txt

Kurdish Security MoSpray Remote File Include Vulnerability Original Advisory : http://kurdishsecurity.blogspot.com/2006/07/kurdish-security-14-mospray-basedir.html Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : MoSpray Site :...

CVE-2006-3681

Multiple cross-site scripting XSS vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 refererpagesfilter, 2 refererpagesfilterex, 3 urlfilterex, 4 urlfilter, 5 hostfilter, or 6 hostfilterex parameters, a...

CVE-2006-3624

CVE-2006-3624 documents multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 . The issue is triggered by the url parameter to either player.php or popup.php , allowing remote injection of arbitrary script/HTML. NVD reports a CVSSv2 base score of 4.3 (MEDIUM) with network attack ve...

EUVD-2006-3566

Multiple cross-site scripting XSS vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 titel or 2 ausgabe parameters...

PT-2006-4443 · Unknown · Fantastic Guestbook

Name of the Vulnerable Software and Affected Versions: Fantastic Guestbook versions 2.0.1 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via the first name, last name, or nickname parameters in the guestbook.php file. Recommendations: For Fantast...

PT-2006-4289 · Taskjitsu · Taskjitsu

Name of the Vulnerable Software and Affected Versions: Taskjitsu versions prior to 2.0.1 Description: The issue allows remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the title and description parameters when creating a task. Recommendations:...

cpanel10.txt

A new vulnerability was found in Cpanel V.10; It happen cause the variable &File of the select.html file in the edit-zone just filter the 's labels and the possibility can by open to other labels like Server Side Include, HMTL labels... including Javascript expressed in other ways An attacker can...

mybloggie221.txt

Milli-Harekat Advisory www.milli-harekat.org MyBloggie = 2.1.1 version - Remote File Include Vulnerabilities Risk : meduim Class: Remote Script : MyBloggie 2.1.1 version Msn : erne at ernealizm.com Credits : ERNE Thanks : DjReMix,Eskobar,Blackened,TRIP,ßy KorsaN,OsL3m7,Poizonbox,Dilejyoner and Al...

PHP-Nuke 7.9 Final - 'phpbb_root_path' Remote File Inclusions

Milli-Harekat Advisory www.milli-harekat.org PHP-Nuke = All version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : PHP NUKE ALL VERSION Credits : ERNE Thanks : DjReMix,Eskobar,TRIP,ßy KorsaN,OsL3m7,Poizonbox,Dilejyoner and All MHG USERS Vulnerable :...

CVE-2006-2418

Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...

CVE-2006-2396

Cross-site scripting XSS vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary web script via the browse parameter...

ICQ Client Cross-Application Scripting (XAS)

ICQ Client Cross-Application Scripting XAS by [email protected] Severity: Low Potential Impact: Remote script execution ICQ client in some condition is vulnerable to remote script injection into used Internet Explorer in My Computer Security Zone. Detailed description quote...

DEBIAN-CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

security flaw

Cross-site scripting XSS vulnerability in phpinfo info.c in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including 1 a large number of dimensions or 2 long values, which prevents HTML tags from being removed...

PT-2006-2844 · Bluepay · Bluepay Manager

Name of the Vulnerable Software and Affected Versions: BluePay Manager versions 2.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML during a login action via the Account Name and Username fields. The vendor has disputed this issue, stating it does...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability...

CVE-2006-1796

Cross-site scripting XSS vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI $SERVER'REQUESTURI'...