6665 matches found
Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple SQL Injections
Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple SQL Injections source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues...
Absolute News Manager .NET 5.1 - pagesdefault.aspx?template Remote File Access
Absolute News Manager .NET 5.1 - pagesdefault.aspx?template Remote File Access source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues...
Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information
source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal cookie-based authentication...
Absolute News Manager .NET 5.1 - '/pages/default.aspx?template' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal cookie-based authentication...
Absolute News Manager .NET 5.1 - 'xlaabsolutenm.aspx' Multiple SQL Injections
source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal cookie-based authentication...
F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting
F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/26659/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may...
F5 Networks FirePass 4100 SSL VPN - 'My.Logon.php3' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26659/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
phpslideshow-xss.txt
PHPSlideShow toonchapter8.php Cross-Site Scripting Vulnerability Download: http://fmdeluxe.com/ Bug found by Jose Luis Góngora Fernández / JosS Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure d0rk: "Powered by PHPSlideShow"...
FMDeluxe 2.1 - index.php Cross-Site Scripting
FMDeluxe 2.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26587/info FMDeluxe is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script...
Satel Lite - Satellite.php Local File Inclusion
Satel Lite - Satellite.php Local File Inclusion source: https://www.securityfocus.com/bid/23143/info Satel Lite is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to access sensitive information...
PHPSlideShow 0.9.9 - Directory Cross-Site Scripting
PHPSlideShow 0.9.9 - Directory Cross-Site Scripting source: https://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or...
VBTube 1.1 - Search Cross-Site Scripting
VBTube 1.1 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/26566/info VBTube is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a...
Bandersnatch 0.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/26553/info Bandersnatch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...
GWextranet Multiple Vulnerabilites
GWextranet Multiple Vulnerabilites Vendor: Messaging Architects http://www.gwtools.com/en/gwextranet/eval/ http://www.example/gwextranet/scp.dll/sendto?user=calendar+of+events&mid=474020FA.GWEMAILDEPOT.SDEPO.100.167656B.1.1B00.1&template=.././../../boot.ini00...
Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting
source: https://www.securityfocus.com/bid/26491/info Citrix NetScaler is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...
Liferay Portal 4.1 Login Script - Cross-Site Scripting
Liferay Portal 4.1 Login Script - Cross-Site Scripting source: https://www.securityfocus.com/bid/26470/info Liferay Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Liferay Portal 4.1 Login Script - Cross-Site Scripting
source: https://www.securityfocus.com/bid/26470/info Liferay Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
GLSA-200711-17 : Ruby on Rails: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200711-17 Ruby on Rails: Multiple vulnerabilities candlerb found that ActiveResource, when processing responses using the Hash.fromxml function, does not properly sanitize filenames CVE-2007-5380. The session management...
Aruba MC-800 Mobility Controller - Screens Directory HTML Injection
Aruba MC-800 Mobility Controller - Screens Directory HTML Injection source: https://www.securityfocus.com/bid/26465/info Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow...
VTLS Web Gateway 48.1 - Searchtype Cross-Site Scripting
VTLS Web Gateway 48.1 - Searchtype Cross-Site Scripting source: https://www.securityfocus.com/bid/26419/info Web Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...