Lucene search
K

43 matches found

CVE
CVE
added 2015/01/01 11:0 a.m.40 views

CVE-2011-5303

CVE-2011-5303 affects Spitfire CMS 1.0.436 with a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the cms_username cookie. Root cause: XSS in handling the cms_username parameter. The connected records corroborate the vulnerability across mul...

4.3CVSS5.8AI score0.00966EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2015/01/01 11:0 a.m.39 views

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

5.6AI score0.00966EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

SpitFire Photo Pro 'pages.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32012/info SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2013/08/15 12:0 a.m.17 views

Spitfire CMS 1.1.4 - Cross-Site Request Forgery

Spitfire CMS 1.1.4 - Cross-Site Request Forgery Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://spitfire.clausmuus.de/...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2013/08/15 12:0 a.m.25 views

Spitfire CMS 1.1.4 - Cross-Site Request Forgery

Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://spitfire.clausmuus.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/29 12:0 a.m.16 views

Spitfire CMS 1.0.436 Cross Site Scripting

Vulnerability ID: HTB22903 Reference: http://www.htbridge.ch/advisory/xssinspitfirecms.html Product: Spitfire CMS Vendor: Spitfire http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.436 Vendor Notification: 15 March 2011 Vulnerability Type: XSS Risk level: Medium Credit: High-Tech Bridge SA -...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/29 12:0 a.m.54 views

HTB22903: XSS in Spitfire CMS

Vulnerability ID: HTB22903 Reference: http://www.htbridge.ch/advisory/xssinspitfirecms.html Product: Spitfire CMS Vendor: Spitfire http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.436 Vendor Notification: 15 March 2011 Vulnerability Type: XSS Risk level: Medium Credit: High-Tech Bridge SA -...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2011/03/29 12:0 a.m.16 views

Spitfire 1.0.3x - cms_username Cross-Site Scripting

Spitfire 1.0.3x - cmsusername Cross-Site Scripting source: https://www.securityfocus.com/bid/47077/info Spitfire is prone to a cross-site scripting vulnerability. because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/29 12:0 a.m.24 views

Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47077/info Spitfire is prone to a cross-site scripting vulnerability. because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
htbridge
htbridge
added 2011/03/15 12:0 a.m.26 views

Cross-site Scripting (XSS) Vulnerability in Spitfire

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Spitfire The vulnerability exists due to input sanitation error in the " cmsusername " cookie in...

4.3CVSS6AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.190 views

XSS vulnerability in Spitfire

Vulnerability ID: HTB22485 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire2.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.87 views

XSS vulnerability in Spitfire

Vulnerability ID: HTB22486 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire3.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.51 views

XSS vulnerability in Spitfire

Vulnerability ID: HTB22482 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.93 views

XSS vulnerability in Spitfire search

Vulnerability ID: HTB22483 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfiresearch.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Si...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/23 12:0 a.m.23 views

Spitfire 1.0.336 Cross Site Scripting

============================================================ Vulnerability ID: HTB22482 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/07/23 12:0 a.m.176 views

XSS vulnerability in Spitfire

Vulnerability ID: HTB22484 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire1.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2010/07/22 12:0 a.m.49 views

Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities

Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41885/info Claus Muus Spitfire is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/22 12:0 a.m.18 views

Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/41885/info Claus Muus Spitfire is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/07/15 12:0 a.m.15 views

Spitfire 1.0.381 - Cross-Site Scripting Cross-Site Request Forgery

Spitfire 1.0.381 - Cross-Site Scripting Cross-Site Request Forgery source: https://www.securityfocus.com/bid/41701/info Spitfire is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker may exploit these issues to execute arbitrary scri...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/15 12:0 a.m.36 views

Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/41701/info Spitfire is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

7AI score
Exploits0
Rows per page
Query Builder