70 matches found
Prosieben Community 2011 - Persistent Web Vulnerability
Document Title: =============== Prosieben Community 2011 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=306 Release Date: ============= 2011-10-30 Vulnerability Laboratory ID VL-ID: ==================================== 306...
Opera Web Browser Command Execution and XSS Vulnerabilities (Windows)
The host is installed with Opera Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperacmdexecnxssvulnwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Command Execution and XSS Vulnerabilities Windows Authors: Chandan S Copyright: Copyright c...
Firebug 1.03 - Rep.JS Script Code Injection
source: https://www.securityfocus.com/bid/23349/info Firebug is prone to a script-code-injection vulnerability because it fails to adequately escape user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the context of the application. Versions prior to 1.04 ar...
HAMweather 3.9.8 - 'template.php' Script Code Injection
source: https://www.securityfocus.com/bid/20311/info HAMweather is prone to a script-code-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are al...
HAMweather 3.9.8 - template.php Script Code Injection
HAMweather 3.9.8 - template.php Script Code Injection source: https://www.securityfocus.com/bid/20311/info HAMweather is prone to a script-code-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the...
Chatness 2.5 - 'Message Form' HTML Injection
source: https://www.securityfocus.com/bid/12929/info Chatness is prone to an HTML injection vulnerability. This issue is exposed through various chat message form fields. Exploitation will allow an attacker to inject hostile HTML and script code into the session of another user. An attacker could...
[Full-Disclosure] [ GLSA 200502-16 ] ht://Dig: Cross-site scripting vulnerability
Gentoo Linux Security Advisory GLSA 200502-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Gallery: Cross-site scripting vulnerability
Background Gallery is a web application written in PHP which is used to organize and publish photo albums. It allows multiple users to build and maintain their own albums. It also supports the mirroring of images on other servers. Description Jim Paris has discovered a cross-site scripting...
phpGroupWare: XSS vulnerability in wiki module
Background phpGroupWare is a web-based suite of group applications including calendar, todo-list, addressbook, email, wiki, news headlines, and a file manager. Description Due to an input validation error, the wiki module in the phpGroupWare suite is vulnerable to cross site scripting attacks...
SunShop Shopping Cart 1.52.x - User-Embedded Scripting
SunShop Shopping Cart 1.52.x - User-Embedded Scripting source: https://www.securityfocus.com/bid/4506/info SunShop is commercial web store software. It is written in PHP, and will run on most Unix and Linux operating systems as well as Microsoft Windows. SunShop allows attackers to embed arbitrar...