EUVD-2005-4302

Malware in sbrugna...

New Ransomware Variants Created Using Leaked Conti Source Code

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The leaked source code of the Conti ransomware has been used to create new strains of the ransomware. These new strains include Putin Team, ScareCrow, BlueSky, and Meow ransomware are being distributed...

Command Execution Vulnerability in Scarecrow PHP System

Scarecrow PHP System is a simple and open source enterprise website program. Scarecrow PHP system has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

File Upload Vulnerability on Scarecrow Enterprise Site (CNVD-2020-27175)

Scarecrow Enterprise Station based on PHP + Sqlite/MySQL open source simple and compact free enterprise website system. Scarecrow Enterprise Station has a file upload vulnerability that can be exploited by attackers to gain control of the server...

File Upload Vulnerability in Scarecrow Enterprise Website

The Inari Enterprise Station is an open source simple and compact free enterprise website system based on PHP+Sqlite/MySQL. Scarecrow Enterprise Station has a file upload vulnerability that can be exploited by attackers to gain access to the web server...

ScareCrow 2.13 forum.cgi forum Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

ScareCrow 2.13 profile.cgi user Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

ScareCrow 2.13 post.cgi forum Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Scarecrow enterprise Station management system wide byte injection exploit-vulnerability warning-the black bar safety net

Scarecrow enterprise Station based on php+sqlite and php+mysql two versions, php+sqlite features and asp+access almost,the advantage is in favor of the backup, now mostly web space to support php+sqlite. php+mysql features is conducive to processing large amounts of data, but backup and restore i...

CVE-2005-4307

Cross-site scripting XSS vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to 1 forum.cgi and 2 post.cgi, or 3 the user parameter to profile.cgi...

CVE-2005-4307

Cross-site scripting XSS vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to 1 forum.cgi and 2 post.cgi, or 3 the user parameter to profile.cgi...

CVE-2005-4307

The CVE-2005-4307 entry concerns an XSS vulnerability in ScareCrow 2.13 and earlier. The affected components are the forum.cgi, post.cgi, and profile.cgi endpoints, where attacker-controlled input via the forum parameter (for forum.cgi and post.cgi) or the user parameter (for profile.cgi) can inj...

ScareCrow 2.13 - forum.cgi?forum Cross-Site Scripting

ScareCrow 2.13 - forum.cgi?forum Cross-Site Scripting source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

ScareCrow 2.13 - post.cgi?forum Cross-Site Scripting

ScareCrow 2.13 - post.cgi?forum Cross-Site Scripting source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

ScareCrow Message Board XSS vuln.

ScareCrow Message Board XSS vuln. Vuln. discovered by : r0t Date: 16 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/scarecrow-message-board-xss-vuln.html vendor:http://scarecrow.sourceforge.net/ affected version:2.13 and prior Product Description: ScareCrow is a fully featured and...

ScareCrow 2.13 - profile.cgi?user Cross-Site Scripting

ScareCrow 2.13 - profile.cgi?user Cross-Site Scripting source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

ScareCrow 2.13 - 'profile.cgi?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

ScareCrow 2.13 - 'forum.cgi?forum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

ScareCrow 2.13 - 'post.cgi?forum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...