TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15012/info TellMe is prone to multiple cross-site scripting vulnerabilities. This is due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...

CVE-2005-4700

TellMe 1.2 and earlier, when the Server oServer and HEAD oHead options are enabled, allows remote attackers to obtain sensitive information via an invalid qHost parameter, which reveals the full pathname of the application in an fsockopen error message...

CVE-2005-4699

The CVE-2005-4699 issue affects TellMe 1.2 and earlier. An argument-injection vulnerability in the q_Host parameter allows remote attackers to influence the Whois program’s command line arguments and access sensitive information via "--" style options. Affected software: TellMe (versions 1.2 and ...

CVE-2005-4700

This CVE (CVE-2005-4700) affects TellMe versions 1.2 and earlier. When the Server (o_Server) and HEAD (o_Head) options are enabled, remote attackers can obtain sensitive information via an invalid q_Host parameter, which reveals the full application pathname in an fsockopen error message. The con...

CVE-2005-4699

Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the qHost parameter...

CVE-2005-4698

The provided records describe a Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier, exploitable via the q_IP (IP) or q_Host (HOST) parameters. The root cause is insufficient input sanitization in these parameters, enabling injection of arbitrary web script/HTML. Impact is limited ...

CVE-2005-4698

Cross-site scripting XSS vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91 qIP IP or 2 qHost HOST parameters...

CVE-2005-4700

TellMe 1.2 and earlier, when the Server oServer and HEAD oHead options are enabled, allows remote attackers to obtain sensitive information via an invalid qHost parameter, which reveals the full pathname of the application in an fsockopen error message...

CVE-2005-4698

Cross-site scripting XSS vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91 qIP IP or 2 qHost HOST parameters...

CVE-2005-4699

Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the qHost parameter...

PT-2005-5364 · Tellme · Tellme

Name of the Vulnerable Software and Affected Versions: TellMe versions 1.2 and earlier Description: The issue allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q Host parameter. Recommendations: For TellMe...

[Full-disclosure] Tellme 1.2

------------------------------------------------------------ - EXPL-A-2005-015 exploitlabs.com Advisory 044 - ------------------------------------------------------------ - TellMe - AFFECTED PRODUCTS ================= TellMe v1.2 and earlier http://kimihia.org.nz/projects/...

Exploit Labs Security Advisory 2005.15

------------------------------------------------------------ - EXPL-A-2005-015 exploitlabs.com Advisory 044 - ------------------------------------------------------------ - TellMe - AFFECTED PRODUCTS ================= TellMe v1.2 and earlier http://kimihia.org.nz/projects/...

TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15012/info TellMe is prone to multiple cross-site scripting vulnerabilities. This is due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspectin...

TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities

TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15012/info TellMe is prone to multiple cross-site scripting vulnerabilities. This is due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have...