EUVD-2008-5241

Malware in sbrugna...

Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...

Cross site scripting

Cross-site scripting XSS vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action...

CVE-2008-5264

Cross-site scripting XSS vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action...

CVE-2008-5264

The CVE-2008-5264 entry documents a Cross-site scripting (XSS) flaw in Tornado Knowledge Retrieval System versions 4.2 and earlier, affecting the searcher.exe component via the p parameter in a root action. Public sources do not provide additional exploit details, proof-of-exploit, affected versi...

CVE-2008-5264

Cross-site scripting XSS vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action...

tornado-xss.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =========:: Tornado Knowledge Retrieval...

Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

[web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =========:: Tornado Knowledge Retrieval Syste...

Tornado Knowledge Retrieval System 4.2 - p Cross-Site Scripting

Tornado Knowledge Retrieval System 4.2 - p Cross-Site Scripting source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue t...