EUVD-2014-2276

Malware in sbrugna...

EUVD-2015-0711

Malware in sbrugna...

SUSE CVE-2004-1059

Multiple cross-site scripting XSS vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 next and 2 prev result search pages, and the 3 extended and 4 simple search forms...

SUSE CVE-2011-2927

A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting XSS, allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...

Wolters Kluwer TeamMate Audit SQL Injection Vulnerability

Wolters Kluwer TeamMate Audit is a cloud-based audit management tool from Wolters Kluwer Netherlands. A SQL injection vulnerability exists in Wolters Kluwer TeamMate Audit version 28.0.19.0, which stems from a lack of filtering and escaping of SQL data in search forms. An attacker could use this...

Moodle vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the Login-As feature or 2 when the global search feature is enabled, unspecified global search forms in the...

Ivory Search < 4.6.1 - Reflected Cross Site Scripting (XSS)

The Search Forms page of the plugin did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to conduct the attack. PoC...

Inout EasyRooms - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Inout EasyRooms Ultimate Edition - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-easyrooms/ Demo Site: http://inout-easyrooms.demo.inoutscripts.net/ Version: v1.0...

CVE-2015-0698

Multiple cross-site scripting XSS vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance WSA devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut39213...

SA-CONTRIB-2015-067 - Finder - Open Redirect

Finder module allows you to create flexible faceted search forms to find entities such as nodes or users based on the values of fields and database attributes. The provided function finderformgoto is susceptible to a phishing attack. An attacker could formulate a redirect in a way that gets the...

CVE-2014-2236

Multiple cross-site scripting XSS vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 tag or 2 user search forms...

CVE-2011-2927

A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting XSS, allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...

CVE-2011-2927

A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting XSS, allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms...

CVE-2011-2927 Spacewalk: spacewalk and red hat network satellite: cross-site scripting vulnerability via search forms

A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting XSS, allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...

PT-2014-2132 · Red Hat · Spacewalk

Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vectors related to this issue are Search forms...

Satellite/Spacewalk: XSS flaw in channels search

Multiple cross-site scripting XSS vulnerabilities in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms...

DEBIAN-CVE-2010-1733

Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via 1 multiple inventory fields to the search form, reachable through index.php; or 2 the "Software name" field to the "All softwares" search form, reachable through...

CVE-2010-1733

Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via 1 multiple inventory fields to the search form, reachable through index.php; or 2 the "Software name" field to the "All softwares" search form, reachable through...