EUVD-2007-4462

Malware in sbrugna...

Search Engine Builder Cross Site Scripting

Search Engine Builder XSS/HTML Injection Vulnerabilities Software : Search Engine Builder Date : 2/20/2012 Vendor : http://www.aleadsoft.com Get App. : http://www.aleadsoft.com/SearchMakerSetup.exe Platform : Windows Language : ASP Tested on: Windows Dork : "Powered by Search Engine Builder" Auth...

Cross site scripting

Cross-site scripting XSS vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter...

CVE-2007-4479

Cross-site scripting XSS vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter...

CVE-2007-4479

CVE-2007-4479 describes a Cross-site scripting (XSS) vulnerability in the Search Engine Builder’s search.html, exploitable via the searWords parameter to inject arbitrary script/HTML. The issue affects the described product/component/feature as per the CVE entry; the documented impact is remote s...

ALeadSoft Search Engine Builder - Search.HTML Cross-Site Scripting

ALeadSoft Search Engine Builder - Search.HTML Cross-Site Scripting source: https://www.securityfocus.com/bid/25391/info ALeadSoft Search Engine Builder is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage...

Vulnerability in Search Engine Builder

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в Search Engine Builder. XSS: Уязвимость на странице search.html в параметре searWords. http://site/search/search.html?searWords=3Cscript3Ealertdocument.cookie3C/script3E Дополнительная информация о данной уязвимост...

ALeadSoft Search Engine Builder - Search.HTML Cross-Site Scripting

source: https://www.securityfocus.com/bid/25391/info ALeadSoft Search Engine Builder is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...