482 matches found
WordPress Plugin Contact Form DB Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's suite of blogging platforms developed in the PHP language, which supports personal blog sites on PHP and MySQL servers.Contact Form DB also known as CFDB and contact-form-7-to-database-extension is one of the plugins that can submit the create and...
Multiple SQL Injection Vulnerabilities in Zabbix 'chart_bar.php'
Zabbix is a CS-structured distributed network monitoring system. Zabbix has multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary commands via the itemid or time parameter...
CVE-2012-6643
Multiple SQL injection vulnerabilities in the updatecounter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to 1 videos.php or 2 channels.php. NOTE: some of these details are obtained from third party information...
DEBIAN-CVE-2010-5049
SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the navtime parameter...
CVE-2010-5049
SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the navtime parameter...
CVE-2011-1700
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url...
Heap overflow
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url...
CVE-2011-1702
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url...
Sql injection
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter,...
tomcat: XSS in Apache Tomcat calendar application
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
tomcat: XSS in Apache Tomcat calendar application
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
Cross site scripting
Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
PT-2009-3392 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.39 Apache Tomcat versions 5.5.0 through 5.5.27 Apache Tomcat versions 6.0.0 through 6.0.18 Description: The issue is related to a cross-site scripting XSS flaw in the calendar application, specifically...
tomcat examples XSS
Multiple cross-site scripting XSS vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 time parameter to cal2.jsp and 2 any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer...
tomcat XSS in example webapps
Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...
tomcat examples XSS
Multiple cross-site scripting XSS vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 time parameter to cal2.jsp and 2 any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer...
tomcat XSS in example webapps
Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...
tomcat XSS in example webapps
Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...
CVE-2006-1661
Multiple cross-site scripting XSS vulnerabilities in SKForum 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 areaID parameter in area.View.action, 2 time parameter in planning.View.action, and 3 userID parameter in user.View.action...