6712 matches found
RunCMS 1.x - Ratefile.php Cross-Site Scripting
RunCMS 1.x - Ratefile.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16769/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
[SA18963] Mac OS X "__MACOSX" ZIP Archive Shell Script Execution
TITLE: Mac OS X "MACOSX" ZIP Archive Shell Script Execution SECUNIA ADVISORY ID: SA18963 VERIFY ADVISORY: http://secunia.com/advisories/18963/ CRITICAL: Extremely critical IMPACT: System access WHERE: From remote OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION:...
Dragonfly CMS 9.0.6.1 Downloads Module - 'c' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in...
EveryoneXSS.txt
Title: Everyone's loginName variable Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Published: 12 february 2006 MorX Security Research Team http://www.morx.org Service: Webmail Vendor: everyone / www.everyone.net Vulnerability: Cross Site Scripting Exploit included: Yes Details:...
Design/Logic Flaw
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the ConfigDeniedExtensionsFile, such as .php.txt...
cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities
cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16482/info cPanel is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues ...
Ashwebstudio Ashnews 0.83 - Cross-Site Scripting
Ashwebstudio Ashnews 0.83 - Cross-Site Scripting source: https://www.securityfocus.com/bid/16426/info Ashnews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
MDKSA-2005:120-1 : mozilla-firefox
A number of vulnerabilities were reported and fixed in Firefox 1.0.5 and Mozilla 1.7.9. The following vulnerabilities have been backported and patched for this update: In several places the browser UI did not correctly distinguish between true user events, such as mouse clicks or keystrokes, and...
EV0014.txt
New eVuln Advisory: TinyPHPForum Multiple Vulnerabilities --------------------Summary---------------- Software: TinyPHPForum Sowtware's Web Site: http://www.ralpharama.co.uk/tpf/ Versions: 3.6 and earlier Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...
[eVuln] TinyPHPForum Multiple Vulnerabilities
New eVuln Advisory: TinyPHPForum Multiple Vulnerabilities --------------------Summary---------------- Software: TinyPHPForum Sowtware's Web Site: http://www.ralpharama.co.uk/tpf/ Versions: 3.6 and earlier Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...
phpDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting
source: https://www.securityfocus.com/bid/16101/info phpDocumentor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...
Binary Board System 0.2.5 - toc.pl?board Cross-Site Scripting
Binary Board System 0.2.5 - toc.pl?board Cross-Site Scripting source: https://www.securityfocus.com/bid/15913/info binary board system is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...
EZDatabase 2.1.2 - index.php?db_id SQL Injection
EZDatabase 2.1.2 - index.php?dbid SQL Injection source: https://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL...
eDatCat 3.0 - EDCstore.pl Cross-Site Scripting
eDatCat 3.0 - EDCstore.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15889/info eDatCat is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
EveryAuction 1.53 - Auction.pl Cross-Site Scripting
EveryAuction 1.53 - Auction.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the...
PHP JackKnife 2.21 - Cross-Site Scripting
PHP JackKnife 2.21 - Cross-Site Scripting source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
PHP JackKnife 2.21 - Cross-Site Scripting
source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
EveryAuction 1.53 - Auction.pl Cross-Site Scripting
source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an unsuspecting user in the context of t...
CF_Nuke 4.6 - index.cfm Cross-Site Scripting
CFNuke 4.6 - index.cfm Cross-Site Scripting source: https://www.securityfocus.com/bid/15778/info CFNuke is prone to multiple cross-site scripting vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script...
MilliScripts 1.4 - register.php Cross-Site Scripting
MilliScripts 1.4 - register.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15792/info MilliScripts is prone to a cross-site scripting vulnerability. This is due to a lack of proper input validation. An attacker may leverage this issue to have arbitrary script code executed in...