790 matches found
Mayaa cross-site scripting vulnerability
Overview Mayaa, a Java template engine from the Seasar Project, contains a cross-site scripting vulnerability. Mayaa from the Seasar Project is an open source Java template engine. A cross-site scripting vulnerability exists in Mayaa. Impact An arbitrary script may be executed on the user's web...
Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Exploit for unknown platform in category web applications ===================================================================== Phoenix View CMS = Pre Alpha2 SQL/LFI/XSS Multiple Vulnerabilities ===================================================================== Phoenix View CMS = Pre Alpha2...
Phoenix View CMS Pre Alpha2 - SQL Injection Local File Inclusion Cross-Site Scripting
Phoenix View CMS Pre Alpha2 - SQL Injection Local File Inclusion Cross-Site Scripting Phoenix View CMS = Pre Alpha2 Multiple Vulnerabilities LFISQLIXSS Found by : tw8 Date : 8.05.2008 Website && Forum : http://rstzone.org && http://rstzone.org/forum/ Bug type : LFI, SQLI & XSS Affected software...
Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting
Phoenix View CMS = Pre Alpha2 Multiple Vulnerabilities LFISQLIXSS Found by : tw8 Date : 8.05.2008 Website && Forum : http://rstzone.org && http://rstzone.org/forum/ Bug type : LFI, SQLI & XSS Affected software description: Application : Phoenix View CMS Version : = Pre Alpha2 Vendor :...
Aconon Mail 2004 - Directory Traversal
Aconon Mail 2004 - Directory Traversal Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a...
Aconon Mail 2004 - Directory Traversal
Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a commercial newsletter software, providi...
DEBIAN-CVE-2006-2016
Multiple cross-site scripting XSS vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dn parameter in a compareform.php, b copyform.php, c renameform.php, d templateengine.php, and e deleteform.php; 2 scope parameter in f...
CVE-2005-2568
Eval injection vulnerability in the template engine for SysCP 1.2.10 and earlier allows remote attackers to execute arbitrary PHP code via a string containing the code within "" and "" curly bracket characters, which are processed by the PHP eval function...
CVE-2005-2568
CVE-2005-2568 describes an eval-injection vulnerability in SysCP's template engine affecting SysCP 1.2.10 and earlier. An attacker can supply a string containing code inside { and } that is processed by PHP eval, enabling remote execution of arbitrary PHP. The NVD CVSS data rates impact as PARTIA...
Smarty: Template vulnerability
Background Smarty is a template engine for PHP. The "template security" feature of Smarty is designed to help reduce the risk of a system compromise when you have untrusted parties editing templates. Description A vulnerability has been discovered within the regexreplace modifier of the Smarty...