Lucene search
K

3392 matches found

securityvulns
securityvulns
added 2005/12/06 12:0 a.m.33 views

PluggedOut Blog SQL vuln.

PluggedOut Blog SQL vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html vendor:www.pluggedout.com/index.php?pk=devblog affected version:1.9.4 , 1.9.5 and prior Product Description: Blog is an open source script you ca...

Exploits0
Packet Storm
Packet Storm
added 2005/11/30 12:0 a.m.46 views

Hardened-PHP Project Security Advisory 2005-23.105

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in vTiger CRM Release Date: 2005/11/24 Last Modified: 2005/11/24 Author: Christopher Kunz Application: vTiger 4.2 and prior Severity: Cross-Site...

10CVSS0.6AI score0.04155EPSS
Exploits2
NVD
NVD
added 2005/11/26 2:3 a.m.18 views

CVE-2005-3818

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 various input fields, including the contact, lead, and first or last name fields, 2 the record parameter in a DetailView action in the Leads module f...

4.3CVSS5.8AI score0.05084EPSS
Exploits1References12
securityvulns
securityvulns
added 2005/11/24 12:0 a.m.35 views

[SA17693] vtiger CRM Multiple Vulnerabilities

TITLE: vtiger CRM Multiple Vulnerabilities SECUNIA ADVISORY ID: SA17693 VERIFY ADVISORY: http://secunia.com/advisories/17693/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, System access WHERE: From remote SOFTWARE...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2005/11/24 12:0 a.m.19 views

vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting

vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is pro...

6.8AI score
Exploits0
NVD
NVD
added 2005/09/27 8:3 p.m.16 views

CVE-2005-3085

Multiple cross-site scripting XSS vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 forum or 2 topic parameters...

4.3CVSS5.8AI score0.00998EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/09/27 4:0 a.m.17 views

CVE-2005-3085

Multiple cross-site scripting XSS vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 forum or 2 topic parameters...

5.8AI score0.00998EPSS
Exploits1References1
CVE
CVE
added 2005/09/27 4:0 a.m.36 views

CVE-2005-3085

The CVE-2005-3085 entry describes multiple cross-site scripting (XSS) vulnerabilities in Riverdark Studios’ RSS Syndicator module 2.1.7 (rss.php), allowing remote attackers to inject arbitrary web script or HTML via the forum or topic parameters. Affected component is rss.php within the RSS Syndi...

4.3CVSS6AI score0.00998EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2005/09/27 12:0 a.m.30 views

[SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/09/24 12:0 a.m.26 views

riverdarkXSS.txt

DESCRIPTION:Riverdark RSS Syndicator v2.17 .This is a pretty basic little RSS syndication tool for Invision Power Board 2.0.0, which outputs the last x number of posts in an RSS 2.0 feed Vendor Page:http://www.riverdark.net/ VULNARBILITY:Cross Site Script...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/08/24 12:0 a.m.20 views

ZipTorrent1.3.7.3.txt

/================================================================ ZipTorrent 1.3.7.3 Local Proxy Password Disclosure Exploit by Kozan Discovered & Coded by Kozan Credits to ATmaCA Web: www.spyinstructors.com Mail: [email protected] Application: -------------------- ZipTorrent 1.3.7.3 and...

7.4AI score
Exploits0
CVE
CVE
added 2005/08/19 4:0 a.m.59 views

CVE-2005-2515

The CVE-2005-2515 entry concerns Quartz Composer Screen Saver in Mac OS X 10.4.2. Affected component: the Screen Saver subsystem (Quartz Composer Screen Saver). Root cause / vulnerability: local users can access links from the RSS Visualizer even when a password is required, enabling partial conf...

4.6CVSS8.9AI score0.00369EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.24 views

CVE-2005-2515

Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required...

8.8AI score0.00369EPSS
Exploits0References3
NVD
NVD
added 2005/08/19 4:0 a.m.20 views

CVE-2005-2515

Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required...

4.6CVSS8.8AI score0.00369EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2005/07/22 12:0 a.m.32 views

Hardened-PHP Project Security Advisory 2005-11.59

Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in Contrexx Release Date: 2005/07/21 Last Modified: 2005/07/18 Author: Christopher Kunz Application: Contrexx 1.0.5 Severity: Cross-Site Scripting, SQL injection and information disclosure, passwo...

0.5AI score
Exploits0
OSV
OSV
added 2005/07/05 4:0 a.m.3 views

DEBIAN-CVE-2005-2110

WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via 1 a direct request to menu-header.php or a "1" value in the feed parameter to 2 wp-atom.php, 3 wp-rss.php, or 4 wp-rss2.php, which reveal the path in an error message. NOTE: vector 1 was later reported to al...

5CVSS6.4AI score0.02879EPSS
Exploits0References1
NVD
NVD
added 2005/05/24 4:0 a.m.19 views

CVE-2005-1695

Multiple cross-site scripting XSS vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the 1 rssurl parameter to magpieslashbox.php, or the url parameter to 2 magpiesimple.php or 3 magpiedebug.php...

2.6CVSS5.7AI score0.01158EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/05/24 4:0 a.m.18 views

CVE-2005-1697

The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simplesmarty.php, which reveals the path in an error message...

6.1AI score0.01125EPSS
Exploits0References1
CVE
CVE
added 2005/05/24 4:0 a.m.52 views

CVE-2005-1695

CVE-2005-1695 affects PostNuke RSS module (versions 0.750, 0.760RC2/RC3). The vulnerability is described as multiple cross-site scripting (XSS) flaws allowing remote injection of script/HTML via parameters: rss_url in magpie_slashbox.php and url in magpie_simple.php/magpie_debug.php. Connected Op...

2.6CVSS5.8AI score0.01158EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2005/05/24 4:0 a.m.47 views

CVE-2005-1697

The CVE-2005-1697 issue affects PostNuke’s RSS module (versions 0.750 and 0.760 RC2/RC3). A direct request to simple_smarty.php exposes the installation path via an error message, enabling remote disclosure of sensitive information. Exploit details are not provided in the sources; no patch/versio...

5CVSS6.1AI score0.01125EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder