41 matches found
CVE-2020-8893
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...
Code injection
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...
CVE-2020-8893
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...
CVE-2018-19828
Artica Integria IMS 5.0.83 has XSS via the searchstring parameter...
CVE-2016-0725
Cross-site scripting XSS vulnerability in the searchpagination function in course/classes/managementrenderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted search string...
Cross site scripting
Cross-site scripting XSS vulnerability in the searchpagination function in course/classes/managementrenderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted search string...
CVE-2008-6168
Cross-site scripting XSS vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified argument, probably the search string...
CVE-2007-4102
Cross-site scripting XSS vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/ sequence in the search string...
CVE-2007-3815
Buffer overflow in pirs32.exe in Poslovni informator Republike Slovenije PIRS 2007 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long search string in certain fields in the GUI. NOTE: this may cross privilege boundaries if PIRS is used...
CVE-2007-3417
Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...
CVE-2007-3417
Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...
CVE-2007-3417
CVE-2007-3417 covers multiple XSS vulnerabilities in the WebAPP web-app.org CGI module: cgi-bin/cgi-lib/search.pl, where a non-sanitized search string is echoed into an HREF attribute by process_search or show_recent_searches. The issue affects WebAPP prior to version 0.9.9.7 and allows remote at...
CVE-2007-3183
Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters to calendar.php and the 3 search string to calsearch.php...
CVE-2007-3299
Cross-site scripting XSS vulnerability in AWFFull before 3.7.4, when AllSearchStr aka the All Search Terms report is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string...
DEBIAN-CVE-2007-3299
Cross-site scripting XSS vulnerability in AWFFull before 3.7.4, when AllSearchStr aka the All Search Terms report is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string...
P-News 1.16 - Remote File Inclusion
============================================ P-News 1.16, 1.17 Remote File Inclusion Vulnerability ============================================ Discovered by vegas78 - feel82atweb.de ============================================ Greetz: scoper, corny, smaesch0r, Sascha Schmalz, ReFleCtion, BleX,...
CVE-2006-3382
Cross-site scripting XSS vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via the "search string"...
limboExec.txt
Official page : http://www.limbo-cms.com/ Vulnerable : Limbo 1. Fix : No Bug : http://somehost/path-to-limbo/index.php?option=frontpage&Itemid=systemCODE example : index.php?option=frontpage&Itemid=systemuname Google search string : inurl:"option=frontpage" -- Best Regards, Aleksander Hristov...
CVE-2002-1931
Cross-site scripting XSS vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string...
Buffer overflow in PGP Public Key Server
Buffer overflow on long search string...