6712 matches found
Confixx <= 3
p0w3r curse-crew.de Examples: confixx/ftplogin/username/ftpindex.php?path=scriptalert'p0w3r oWnZ'/script...
Ji-takz - Remote File Inclusion
Ji-takz - Remote File Inclusion source: https://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containin...
Ji-takz - Remote File Inclusion
source: https://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containing malicious script code execute ...
Microsoft DXImageTransform.Microsoft.Light ActiveX Control Remote Code Execution Vulnerability
Description The DXImageTransform.Microsoft.Light ActiveX control is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page. Technologies Affected Microsoft Internet Explorer 5.0.1 Microsoft Internet Explorer...
ESTsoft InternetDisk - Arbitrary File Upload Script Execution
ESTsoft InternetDisk - Arbitrary File Upload Script Execution source: https://www.securityfocus.com/bid/18279/info ESTsoft InternetDisk is prone to an arbitrary file-upload and script-execution vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in th...
ESTsoft InternetDisk - Arbitrary File Upload / Script Execution
source: https://www.securityfocus.com/bid/18279/info ESTsoft InternetDisk is prone to an arbitrary file-upload and script-execution vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate...
ToendaCMS 0.7 - index.php Cross-Site Scripting
ToendaCMS 0.7 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18178/info ToendaCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
JVN#46691257 RWiki arbitrary Ruby script execution vulnerability
Impact A remote attacker could execute an arbitrary Ruby script on the server where RWiki is installed, with the privilege running RWiki. Solution Products Affected RWiki/2.1.0pre2 and all earlier versions...
CVE-2006-2435
Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earlier, has unknown impact and attack vectors related to "Inserting certain script tags in urls that may allow unintended execution of scripts."...
ICQ Client Cross-Application Scripting (XAS)
ICQ Client Cross-Application Scripting XAS by [email protected] Severity: Low Potential Impact: Remote script execution ICQ client in some condition is vulnerable to remote script injection into used Internet Explorer in My Computer Security Zone. Detailed description quote...
timobraun Dynamic Galerie 1.0 - 'galerie.php?pfad' Arbitrary Directory Listing
source: https://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabiliti...
liberoXSS.txt
--Security Report-- Advisory: libero.it XSS vulnerability - HTML injection --- Author: Davide Denicolo --- Date: 28/04/06 --- Contact: davidesecurityinfos.com --- Vendor: ItaliaOnLine S.r.l http://www.libero.it Service: Web Level: Low --- Description: Libero.it is a Web portal of big Italian ISP:...
CuteNews 1.4.1 - search.php Multiple Cross-Site Scripting Vulnerabilities
CuteNews 1.4.1 - search.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17850/info CuteNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacke...
Albinator 2.0.8 - 'dlisting.php?cid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17826/info Albinator is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...
OrbitHYIP 2.0 - 'signup.php?referral' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17766/info OrbitHYIP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
DevBB 1.0 - member.php Cross-Site Scripting
DevBB 1.0 - member.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17703/info DevBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
PhpWebFtp Cross Site Scripting Vulnerability
Summary =============================================== phpWebFTP enables connections to FTP servers, even behind a firewall not allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection from your webserver to the FTP server and transfering the files to your webclient over the...
axoverzicht.CGI - Cross-Site Scripting
source: https://www.securityfocus.com/bid/17584/info The axoverzicht.cgi script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting...
Coppermine 1.4.4 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/17570/info Coppermine is prone to a local file-include vulnerability. This may allow unauthorized users to view files and to execute local scripts. Version 1.4.4 is vulnerable to this issue; other versions may also be affected...
JVN#35274905 FreeStyleWiki cross-site scripting vulnerability
Impact An rbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected FreeStyleWiki 3.5.10 and earlier...