magnolia.txt

Magnolia CMS Script Insertion Vulnerability Risk: Medium Class: Remote Script: Magnolia CMS Version: not define ------------------------------------------------------------------- Example: http://target/path/search.html?query=CODE&x=0&y=0 http://target/path/search.html?query=alert"lol";&x=0&y=0...

[SA20081] Website Baker "display_name" Script Insertion Vulnerability

TITLE: Website Baker "displayname" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA20081 VERIFY ADVISORY: http://secunia.com/advisories/20081/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Website Baker 2.x http://secunia.com/product/5455/ DESCRIPTION:...

FreeBSD : phpldapadmin -- XSS and Script Insertion vulnerabilities (6d78202e-e2f9-11da-8674-00123ffe8333)

Secunia reports : phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1 Some input isn't properly sanitised before being returned to the user. This can be exploited t...

FreeBSD : phpbb -- multiple vulnerabilities (28c9243a-72ed-11da-8c1d-000e0c2e438a)

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to : - script insertion, - bypassing of protetion mechanisms, - multiple cross site scripting vulnerabilities, - SQL injection, - arbitrary code execution %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

FreeBSD : trac -- Wiki Macro Script Insertion Vulnerability (400d9d22-d6c5-11da-a14b-00123ffe8333)

Secunia reports : A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed...

FreeBSD : drupal -- multiple vulnerabilities (faca0843-6281-11da-8630-00123ffe8333)

Secunia reports : Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions, and conduct script insertion and HTTP response splitting attacks. 1 An input validation error in the filtering of HTML code can be exploited to...

FreeBSD : bugzilla -- multiple vulnerabilities (46f7b598-a781-11da-906a-fde5cdde365e)

Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct SQL injection attacks, and by malicious people to disclose sensitive information and conduct script insertion attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

[SA19996] 2005-Comments-Script Multiple Vulnerabilities

TITLE: 2005-Comments-Script Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19996 VERIFY ADVISORY: http://secunia.com/advisories/19996/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: 2005-Comments-Script http://secunia.com/product/9778/ DESCRIPTION: Some...

[SA19870] Trac Wiki Macro Script Insertion Vulnerability

TITLE: Trac Wiki Macro Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19870 VERIFY ADVISORY: http://secunia.com/advisories/19870/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Trac 0.x http://secunia.com/product/5260/ DESCRIPTION: A vulnerability h...

trac -- Wiki Macro Script Insertion Vulnerability

Secunia reports: A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed ...

phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities

Secunia reports: phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1 Some input isn't properly sanitised before being returned to the user. This can be exploited to...

[SA19727] @1 Event Publisher Multiple Vulnerabilities

TITLE: @1 Event Publisher Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19727 VERIFY ADVISORY: http://secunia.com/advisories/19727/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: From remote SOFTWARE: @1 Event Publisher...

phpLDAPadmin multiple vuln.

phpLDAPadmin multiple vuln. Vuln. discovered by : r0t Date: 21 april 2006 vendorlink:http://phpldapadmin.sourceforge.net/ affected versions:phpLDAPadmin 0.9.8 and prior orginal advisory: http://pridels.blogspot.com/2006/04/phpldapadmin-multiple-vuln.html Vuln. Description: phpLDAPadmin contains a...

[SA19723] @1 Table Publisher Script Insertion Vulnerability

TITLE: @1 Table Publisher Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19723 VERIFY ADVISORY: http://secunia.com/advisories/19723/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: @1 Table Publisher http://secunia.com/product/9472/ DESCRIPTION: Jericho ha...

BluePay Manager v2.0 Script Insertion Vulnerability

BluePay Manager v2.0 Script Insertion Vulnerability Vuln. discovered by : r0t Date: 18 april 2006 vendor:bluepay.com affected versions:v2.0 and previous orginal advisory: http://pridels.blogspot.com/2006/04/bluepay-manager-v20-script-insertion.html Vuln. description: Input passed to the "Account...

[Full-disclosure] Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities

====================================================================== Secunia Research 13/04/2006 Adobe Document Server for Reader Extensions Multiple Vulnerabilities ====================================================================== Table of Contents Affected...

[SA19580] Gallery Unspecified Script Insertion Vulnerabilities

TITLE: Gallery Unspecified Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA19580 VERIFY ADVISORY: http://secunia.com/advisories/19580/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Gallery 1.x http://secunia.com/product/1933/ DESCRIPTION: Some...

[SA19551] ARIA Multiple Script Insertion Vulnerabilities

TITLE: ARIA Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA19551 VERIFY ADVISORY: http://secunia.com/advisories/19551/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: ARIA 0.x http://secunia.com/product/9226/ DESCRIPTION: Some...

[SA19512] gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities

TITLE: gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA19512 VERIFY ADVISORY: http://secunia.com/advisories/19512/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: gtd-php 0.x http://secunia.com/product/9122/...

[SA19448] VBook Multiple Vulnerabilities

TITLE: VBook Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19448 VERIFY ADVISORY: http://secunia.com/advisories/19448/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data, System access WHERE: From remote SOFTWARE: VBook 2.x http://secunia.com/product/9051/...