6665 matches found
PPLive Multiple Argument Injection Vulnerabilities
This host has PPLive installed and is prone to multiple argument injection vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpplivecodeexevuln.nasl 5122 2017-01-27 12:16:00Z teissa $ PPLive Multiple Argument Injection Vulnerabilities Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...
Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...
Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...
Turnkey eBook Store 1.1 - keywords Cross-Site Scripting
Turnkey eBook Store 1.1 - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
On the web Trojan automated analysis of two small ideas-vulnerability warning-the black bar safety net
Author: rayh4c 80sec Now online web Trojans and more are several sets of a fixed code, The changes are not many, including script code encryption methods, almost all is to explain the type of encryption, since the hack is performed the process of hanging horse, Inglés for the automated analysis o...
IncrediMail 5.86 Cross Site Scripting
!/usr/bin/perl -w IncrediMail Xe latest version XSS Vulnerability Discovered by : Bui Quang Minh Description : The most of popular Mail Client now exclude Script Code for mail content. It aims to avoid the type of XSS exploitation For e.g: stolen cookie. IncrediMail also remove Script Code when t...
IncrediMail 5.86 - Cross-Site Scripting Script Execution
IncrediMail 5.86 - Cross-Site Scripting Script Execution !/usr/bin/perl -w IncrediMail Xe latest version XSS Vulnerability Discovered by : Bui Quang Minh Description : The most of popular Mail Client now exclude Script Code for mail content. It aims to avoid the type of XSS exploitation For e.g:...
[SA34410] PHP Classifieds Cross-Site Scripting and File Upload Vulnerabilities
---------------------------------------------------------------------- Secunia is pleased to announce the release of the annual Secunia report for 2008. Highlights from the 2008 report: Vulnerability Research Software Inspection Results Secunia Research Highlights Secunia Advisory Statistics...
Imera TeamLinks ImeraIEPlugin.dll ActiveX Control DoS Vulnerability
This host is installed with Imera ImeraIEPlugin ActiveX and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodimeraiepluginactvxctrlvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Imera TeamLinks ImeraIEPlugin.dll ActiveX Control DoS Vulnerability Authors: Nikita MR...
Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
FreeBSD : opera -- multiple vulnerabilities (8c5205b4-11a0-11de-a964-0030843d3802)
Opera Team reports : An unspecified error in the processing of JPEG images can be exploited to trigger a memory corruption. An error can be exploited to execute arbitrary script code in a different domain via unspecified plugins. An unspecified error has a 'moderately severe' impact. No further...
Woltlab Burning Board Multiple Input Validation Vulnerabilities
Woltlab Burning Board is prone to multiple input-validation vulnerabilities, including: - Multiple security that may allow attackers to delete private messages - A cross-site scripting vulnerability - Multiple URI redirection vulnerabilities Attackers can exploit these issues to delete private...
TikiWiki 2.23.0 - tiki-list_file_gallery.php Cross-Site Scripting
TikiWiki 2.23.0 - tiki-listfilegallery.php Cross-Site Scripting source: https://www.securityfocus.com/bid/34106/info TikiWiki is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
UMI CMS 2.7 - fields_filter Cross-Site Scripting
UMI CMS 2.7 - fieldsfilter Cross-Site Scripting source: https://www.securityfocus.com/bid/34018/info UMI CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Novaboard 1.0 - HTML Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/33968/info NovaBoard is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the browser of an...
Blogsa 1.0 - Widgets.aspx Cross-Site Scripting
Blogsa 1.0 - Widgets.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/33957/info Blogsa is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33957/info Blogsa is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
mod_perl -- cross-site scripting
Secunia reports: Certain input passed to the "Apache::Status" and "Apache2::Status" modules is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website...
APC PowerChute Network Shutdown - HTTP Response Splitting Cross-Site Scripting
APC PowerChute Network Shutdown - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...
APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting
source: https://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...