EUVD-2006-1208

Malware in sbrugna...

EUVD-2006-1207

Malware in sbrugna...

txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17054/info txtForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prev, 2 next, and 3 rand5 parameters in a index.php; the 4 rusername and 5 rloc parameters in b newtopic.php; the 6 rnum, 7 rfamilyname, 8...

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

CVE-2006-1204

Multiple cross-site scripting XSS vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prev, 2 next, and 3 rand5 parameters in a index.php; the 4 rusername and 5 rloc parameters in b newtopic.php; the 6 rnum, 7 rfamilyname, 8...

CVE-2006-1204

The CVE-2006-1204 entry concerns multiple XSS vulnerabilities in txtForum 1.0.4-dev and earlier. The affected components include index.php, new_topic.php, profile.php, reply.php, and view_topic.php, with vulnerable parameters such as prev, next, rand5, r_username, r_loc, r_num, r_family_name, r_i...

CVE-2006-1204

Multiple cross-site scripting XSS vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 prev, 2 next, and 3 rand5 parameters in a index.php; the 4 rusername and 5 rloc parameters in b newtopic.php; the 6 rnum, 7 rfamilyname, 8...

CVE-2006-1203

The CVE-2006-1203 entry concerns a PHP remote file include vulnerability in txtForum 1.0.4-dev and earlier. The issue allows an attacker to cause arbitrary PHP code execution via a URL passed to the skin parameter of login.php (and possibly other parameters) due to include statements in common.ph...

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php...

txtForum 1.0.31.0.4 - Remote PHP Script Code Injection

txtForum 1.0.31.0.4 - Remote PHP Script Code Injection source: https://www.securityfocus.com/bid/17061/info txtForum is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are...

txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection

source: https://www.securityfocus.com/bid/17061/info txtForum is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are also possible. document.forms0.submit;...

txtForum: Multiple XSS Vulnerabilities

=========================================================== txtForum: Multiple XSS Vulnerabilities =========================================================== Technical University of Vienna Security Advisory TUVSA-0603-003, March 9, 2006 ===========================================================...

txtForum: Script Injection Vulnerability

=========================================================== txtForum: Script Injection Vulnerability =========================================================== Technical University of Vienna Security Advisory TUVSA-0603-004, March 9, 2006 =========================================================...