Ultimate Member 1.2.98-1.2.994 - Reflected Cross-Site Scripting (XSS)

The Ultimate Member plugin utilizes the Redux Framework. The Redux Framework includes a script named ‘class.p.php’, which acts as a HTTP proxy. Utilizing this script, it is possible to trigger a Reflected XSS attack, by loading data from a location controlled by the attacker. The data from this...

MKPortal Anekdot Cross Site Scripting

========================================= MKPortal Anekdot module XSS Vulnerability ========================================= The largest Exploit Database in the world ! 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/...

FreeSchool 1.1.0 Cross Site Scripting

| D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = FREESCHOOL 1.1.0 XSS FUCK SCHOOL!!! | | "keywords" PARMETER IN INDEX.PHP @...

ecrater-xss.txt

---------------------------------------------------------------- eCRATER cart.php -XSS- Cross Site Scripting Vulnerabilities http://www.ecrater.com ---------------------------------------------------------- Bug founded by d3v1l Date:02.10.2008 [email protected]...

Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/29612/info Real Estate Website is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution

Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution source: https://www.securityfocus.com/bid/20138/info Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files .qtl. An attacker can exploit this issue to execute arbitrary script...

forumjbc4.txt

ForumJBC v4 alert'hacking%20xss' ; Greetz : M.I.D.TDrackanZ, Mr.IlysS, NeThug47 & All Moroccan & Arab Hackers ; Yallah Tla7 Safi...

SoftBB v0.1 < = Cross-Site Scripting

SoftBB v0.1 = Cross-Site Scripting - XSS Exploit ; Discovred By : ThELeOMor0Ccan Islam DefenDers Team ; Software : SoftBB ; Version : 0.1 ; Site Of Software : Www.Softbb.Be ; Exploit : http://Www.Site.Com/Script/index.php?page=scriptalert'hacking20xss'/script ; Greetz : M.I.D.TDrackanZ, Mr.IlysS ...

JGS-Portal 3.0.13.0.2 - jgs_portal_mitgraf.php?year SQL Injection

JGS-Portal 3.0.13.0.2 - jgsportalmitgraf.php?year SQL Injection source: https://www.securityfocus.com/bid/13650/info JGS-Portal is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inpu...

Maxwebportal 1.30 - Remote Database Disclosure

Maxwebportal 1.30 - Remote Database Disclosure source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting...

mIRC 6.0 - Scripting ASCTime Buffer Overflow

mIRC 6.0 - Scripting ASCTime Buffer Overflow source: https://www.securityfocus.com/bid/5576/info mIRC is a chat client for the IRC protocol, designed for Microsoft Windows based operating systems. mIRC includes support for a scripting language. A buffer overflow vulnerability has been reported in...

Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting

source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML...

Microsoft Outlook Express 5 - JavaScript Email Access

Microsoft Outlook Express 5 - JavaScript Email Access source: https://www.securityfocus.com/bid/962/info Microsoft Outlook Express 5, and possibly other email clients that parse HTML messages, can be made to run Active Scripting that will read any new messages that arrive after the hostile code h...

Microsoft Outlook Express 5 - JavaScript Email Access

source: https://www.securityfocus.com/bid/962/info Microsoft Outlook Express 5, and possibly other email clients that parse HTML messages, can be made to run Active Scripting that will read any new messages that arrive after the hostile code has been run. Example code: a=window.open"about:Click...