Visale 1.0 pbpgst.cgi keyval Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17598/info Visale is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

ATutor 1.4.3 directory.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

Web Service Deluxe News Manager 1.0.1 Deluxe Footer.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23499/info News Manager Deluxe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

Zabbix Authenticated Remote Command Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

PHProg 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19942/info PHProg is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and a local file-include...

AbleDating 2.4 - search_results.php keyword Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and a cross-site scripting...

Orbis CMS 1.0.2 - Arbitrary File Upload Vulnerability

No description provided by source. 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticat...

eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23377/info eCardMAX HotEditor is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

@Mail 4.0/4.13 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14408/info @Mail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability

No description provided by source. GotGeek Labs http://www.gotgeek.com.br/ ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability + Description 1 PA101 Fast Parallel Port Print Server 2 PU201 Fast USB Print Server 3 PA301 Parallel Port Print Server 4 PS531 USB & Parallel Print Server +...

RealOne Player 1.0/2.0/6.0.10/6.0.11 SMIL File Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8453/info Real Networks has reported a vulnerability in RealOne Player. Script embedded in SMIL presentations may be executed in the context of a domain that is specified by an attacker. This could allow for theft of...

Pre Classified Listings 1.0 'signup.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32567/info Pre Classified Listings is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Active Calendar 1.2 ShowCode.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22704/info Active Calendar is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

QuadComm Q-Shop 2.5 Failure To Validate Credentials Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8153/info Zone-H has reported that the Q-Shop ASP shopping cart software contains a vulnerability that may allow remote attackers to upload arbitrary files. Once uploaded, the attacker may be able to have the script...

Forum 5 PM.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18967/info Forum 5 is prone to a local file-include vulnerability. The application fails to sanitize user input when executing the script. In particular the script fails to check for the presence of a directory-traversal...

PHPBB 2.0.x Viewtopic.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13345/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Apple Mac OS X 10.4 Weblog Server Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14569/info Apple Mac OS X Weblog Server is prone to cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue...

Topic Calendar 1.0.1 Calendar_Scheduler.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12893/info Topic Calendar is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

PostBoard 2.0 Topic Title Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4561/info PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems. PostBoard does not adequately sanitiz...