2326 matches found
Microsoft Windows - 'HTA' Script Execution (MS05-016)
/ Changed date in db to place it on the main page instead of it being bumped off /str0ke / /++ MS05-016 POC Made By ZwelL [email protected] 2005.4.13 All information from : http://www.securityfocus.net/archive/1/395563/2005-04-10/2005-04-16/0 You need make a .hta file to use it. Like: set...
MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting
source: https://www.securityfocus.com/bid/12909/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...
Phorum < 5.0.15 Multiple XSS
The version of Phorum installed on the remote host is prone to multiple cross-site scripting vulnerabilities due to its failure to sanitize user input. An attacker can exploit these flaws to potentially cause arbitrary script and HTML code to be rendered by a user's browser in the context of the...
VoteBox 2.0 - Votebox.php Remote File Inclusion
VoteBox 2.0 - Votebox.php Remote File Inclusion source: https://www.securityfocus.com/bid/12806/info It is reported that VoteBox is affected by a remote PHP file include vulnerability. This issue is due in part to the application failing to properly sanitize user-supplied input to the 'votebox.ph...
Solaris whodo Vulnerability
Vulnerability in Solaris whodo Date Published: July 5, 2001 Advisory ID: N/A Bugtraq ID: 2935 CVE CAN: Non currently assigned. Title: Solaris whodo Buffer Overflow Vulnerability Class: Boundary Error Condition Remotely Exploitable: No Locally Exploitable: Yes Vulnerability Description: The whodo...
Concerning the LDAP Enabled Netscape FTP Server
Over the last few days a great number of people have mailed us in regards to the "Netscape Professional Services FTP Server Vulnerability" http://www.securityfocus.com/bid/1375 discovered by Michal Zalewski [email protected] and posted to the Bugtraq mailing list on Wed, 21 Jun 2000. The following...