6 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the search program, a different vulnerability than CVE-2011-3986...
CVE-2003-1519
Cross-site scripting XSS vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program...
CVE-2007-1331
Multiple cross-site scripting XSS vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some...
CVE-2007-1331
Multiple cross-site scripting XSS vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some...
POWER SEARCH Detection
The remote host is using the POWER SEARCH program. You should ensure that : - the user intended to install POWER SEARCH it is sometimes silently installed - the use of POWER SEARCH matches your corporate mandates and security policies. To remove this sort of software, you may wish to check out...
CVE-2001-0215
ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte...