99 matches found
Summit Computer Networks Lil' HTTP Server 2.1/2.2 pbcgi.cgi Cross Site Scripting
No description provided by source. source: http://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes...
file_upload
This plugin will try to expoit insecure file upload forms. One configurable parameter exists: extensions The extensions parameter is a comma separated list of extensions that this plugin will try to upload. Many web applications verify the extension of the file being uploaded, if special extensio...
HP Intelligent Management Center multiple security vulnerabilities
Crossite scripting, code execution, information disclosure...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Crossite scripting, code execution, memory corruptions, information leakage...
WordPress Inline Gallery 'do' Parameter Cross-site Scripting Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
WordPress PHP Speedy Plugin 'title' Parameter Cross Site Scripting Vulnerability
WordPress PHP Speedy Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress IWantOneButton 'post_id' Parameter Cross-site Scripting Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
Adobe Reader and Acrobat Multiple Vulnerabilities (Feb 2011) - Windows
Adobe Reader/Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress RSS Feed Reader Plugin 'rss_url' Parameter Cross Site Scripting Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
DotNetNuke CMS Cross Site Scripting
PR10-19 DotNetNuke CMS XSS Advisory publicly released: Friday, 3 December 2010 Vulnerability found: Saturday, 30 October 2010 Vendor informed: Monday, 1 November 2010 Severity level: Low/Medium Credits Richard Brain of ProCheckUp Ltd www.procheckup.com Description DotNetNuke is a Content Manageme...
MS Windows Help and Support Center Remote Code Execution Vulnerability
This host is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbmswindowshelpnsupportcentercodeexecvuln.nasl 6529 2017-07-05 06:05:51Z cfischer $ MS Windows Help and Support Center Remote Code Execution Vulnerability Authors: Antu Sanadi Updated By: Antu Sanadi on...
Gmail Checker Plus Chrome Extension Cross Site Scripting
Gmail Checker plus Chrome extension XSS extension: https://chrome.google.com/extensions/detail/mihcahmgecmbnbcchbopgniflfhgnkff advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension-xss.html Exploit available:yes So in this case "Google Mail Checker Plus" version 1.1.7...
MoinMoin 'Despam' Action Cross-Site Scripting Vulnerability
This host is running MoinMoin Wiki and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmoinmoinwikixssvuln.nasl 5306 2017-02-16 09:00:16Z teissa $ MoinMoin 'Despam' Action Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbo...
Autodesk Maya Script - Nodes Arbitrary Command Execution
Autodesk Maya Script - Nodes Arbitrary Command Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk Maya Script Nodes Arbitrary Command Execution 1. Advisory Information Title: Autodesk Maya Script...
Various Orion application application server example pages are vulnerable to XSS.
R08-08: Several XSS on Orion Application server 2.0 to 2.0.8 Vulnerability found: May 2008 Revalidated 23 July 2009 Vendor informed: 27th July 09 Vulnerability fixed: Severity: Medium Description: Various Orion application application server example pages are vulnerable to XSS. Orion application...
ELOG Remote Buffer Overflow and Cross Site Scripting Vulnerabilities
This host has ELOG installed and is prone multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodelogmultvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ ELOG Remote Buffer Overflow and Cross Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...
WordPress / WordPress MU Multiple Vulnerabilities (Jul 2009)
WordPress / WordPress MU is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CORE-2009-0109 - Multiple XSS in Sun Communications Express
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple XSS in Sun Communications Express 1. Advisory Information Title: Multiple XSS in Sun Communications Express Advisory ID: CORE-2009-0109 Advisory URL:...
FreeBSD : icecast -- XSS Vulnerability (b2cfb400-1df0-11d9-a859-0050fc56d258)
Caused by improper filtering of HTML code in the status display, it is possible for a remote user to execute scripting code in the target user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuX...
PR08-23: XSS on Novell GroupWise WebAccess
PR08-23: XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: Medium Credits: Richard Brain of ProCheckUp Ltd www.procheckup.com. ProCheckUp thanks Novell for working with us in such a...