mp3com.txt

mp3.com - Cross site scripting vulnerability ---------------------------------------------- Type: Cross site scripting Date: June, 15th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz...

MVNForum Activatemember 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/18663/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of a...

eNpaper1 - 'Root_Header.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18649/info eNpaper1 is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containing malicious script code execute...

Winged Gallery 1.0 - 'Thumb.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18629/info Winged Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browse...

BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS)

The remote host is running BlueDragon Server / Server JX, Java-based servers for stand-alone deployment of CFML ColdFusion Markup Language pages. The version of BlueDragon Server / Server JX installed on the remote host fails to sanitize user-supplied input passed as part of the filename before...

Usenet 0.5 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18662/info Usenet is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusions

PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18609/info PHP Blue Dragon CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage thes...

Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass

source: https://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users. A successful attack may allow attackers to access...

Maximus SchoolMAX 4.0.1 - Error_msg Cross-Site Scripting

Maximus SchoolMAX 4.0.1 - Errormsg Cross-Site Scripting source: https://www.securityfocus.com/bid/18563/info Maximus SchoolMAX is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input before displaying it to users of the application. An attacker may levera...

e107 0.7.5 - Subject HTML Injection

e107 0.7.5 - Subject HTML Injection source: https://www.securityfocus.com/bid/18560/info The e107 CMS is prone to an HTML-injection vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site...

macworld.txt

Macworld.com - XSS vulnerability ---------------------------------------------- Type: Cross site scripting Rated as: Low Risk Date: June, 13th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz...

GLSA-200606-21 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200606-21 Mozilla Thunderbird: Multiple vulnerabilities Several vulnerabilities were found and fixed in Mozilla Thunderbird. For details, please consult the references below. Impact : A remote attacker could craft malicious emails...

Singapore 0.9.x/0.10 - Multiple Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit the directory-traversal...

TWiki Privilege Escalation

Binary data 3657.prm...

Singapore 0.9.x0.10 - Multiple Traversal Arbitrary File Access

Singapore 0.9.x0.10 - Multiple Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

Singapore 0.9.x0.10 - index.php?template Cross-Site Scripting

Singapore 0.9.x0.10 - index.php?template Cross-Site Scripting source: https://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

CMS Faethon 1.3.2 - Multiple Remote File Inclusions

CMS Faethon 1.3.2 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18489/info CMS Faethon is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have...

aXentForum II XSS vuLLn

vendor:http://www.axent.us/axentforum.cfm affected versions:aXentForum II and prior aXentForum II contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the "startrow" parameter in "viewposts.cfm" isn't properly sanitised before being returned to the user. This can be...

HotPlug CMS 1.0 - Login1.php Cross-Site Scripting

HotPlug CMS 1.0 - Login1.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

HotPlug CMS 1.0 - 'Login1.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary HTML and script code in the browser of a...