Lucene search
K

6666 matches found

Vulnerability Lab
Vulnerability Lab
added 2012/04/13 12:0 a.m.111 views

Microsoft Partner Service - Persistent Web Vulnerability

Document Title: =============== Microsoft Partner Service - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=433 http://www.vulnerability-lab.com/getcontent.php?id=439 MSRC ID: 12209nj Release Date: ============= 2012-04-13...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/04/11 12:0 a.m.19 views

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2012/04/11 12:0 a.m.15 views

WordPress Plugin All-in-One Event Calendar 1.4 - box_publish_button.php?button_value Cross-Site Scripting

WordPress Plugin All-in-One Event Calendar 1.4 - boxpublishbutton.php?buttonvalue Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitiz...

Exploits0
Exploit DB
Exploit DB
added 2012/04/11 12:0 a.m.31 views

WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/04/11 12:0 a.m.33 views

WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/04/11 12:0 a.m.31 views

WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

7.4AI score
Exploits0
Symantec
Symantec
added 2012/04/10 12:0 a.m.21 views

Microsoft Forefront Unified Access Gateway URI Open Redirection Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a URI open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may...

7.3AI score
Exploits0Affected Software1
Symantec
Symantec
added 2012/04/10 12:0 a.m.32 views

Microsoft Internet Explorer CVE-2012-0168 Print Feature Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

7.6CVSS7.1AI score0.18305EPSS
Exploits1Affected Software6
Packet Storm
Packet Storm
added 2012/04/09 12:0 a.m.49 views

osCmax Shop CMS 2.5.1 Cross Site Scripting

Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...

0.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/04/07 12:0 a.m.25 views

idev Game Site CMS v1.0 - Multiple Web Vulnerabilities

Document Title: =============== idev Game Site CMS v1.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=494 Release Date: ============= 2012-04-07 Vulnerability Laboratory ID VL-ID: ==================================== 494...

7.1AI score
Exploits0
htbridge
htbridge
added 2012/04/04 12:0 a.m.36 views

Multiple vulnerabilities in Piwigo

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, which can be exploited to perform Cross-Site Scripting XSS and Path Traversal attacks. 1 Directory Path Traversal in Piwigo: CVE-2012-2208 1.1 Input passed via the "language" GET parameter to upgrade.php ...

7.6CVSS1.2AI score0.09432EPSS
Exploits7Affected Software1
OpenVAS
OpenVAS
added 2012/04/04 12:0 a.m.23 views

BackupPC < 3.2.1 Multiple XSS Vulnerabilities - Active Check

BackupPC is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.8AI score
Exploits0References9
exploitpack
exploitpack
added 2012/04/03 12:0 a.m.17 views

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/04/03 12:0 a.m.26 views

McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020)

The version of WebShield UI hosted on the remote web server has a reflected cross-site scripting vulnerability. Input to the 'bodyStyle' parameter of ProcessTextFiles is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...

4.3CVSS5.5AI score0.01384EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2012/04/03 12:0 a.m.34 views

Arbor Networks Peakflow SP 3.6.1 - &#039;index/&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/04/02 12:0 a.m.17 views

JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting

JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2012/04/02 12:0 a.m.18 views

JBMC Software DirectAdmin 1.403 - &#039;domain&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.16 views

JamWiki < 1.1.6 XSS Vulnerability - Active Check

JAMWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6AI score
Exploits0References7
exploitpack
exploitpack
added 2012/04/01 12:0 a.m.18 views

ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting

ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2012/04/01 12:0 a.m.11 views

ManageEngine Firewall Analyzer 7.2 - fwsyslogViewer.do?port Cross-Site Scripting

ManageEngine Firewall Analyzer 7.2 - fwsyslogViewer.do?port Cross-Site Scripting source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues...

0.1AI score
Exploits0
Rows per page
Query Builder