6 matches found
EUVD-2006-1234
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in create.php in vCard 2.x allow remote attackers to inject arbitrary web script or HTML via the 1 cardid, 2 uploaded, 3 cardfontsize, or 4 cardcolor parameter. NOTE: the cardid vector was later reported to affect vCard 2.9, and the uploaded vecto...
CVE-2006-1230
Multiple cross-site scripting XSS vulnerabilities in create.php in vCard 2.x allow remote attackers to inject arbitrary web script or HTML via the 1 cardid, 2 uploaded, 3 cardfontsize, or 4 cardcolor parameter. NOTE: the cardid vector was later reported to affect vCard 2.9, and the uploaded vecto...
CVE-2006-1230
CVE-2006-1230 describes multiple cross-site scripting (XSS) flaws in create.php of vCard 2.x, allowing remote injection of arbitrary script/HTML via (1) card_id, (2) uploaded, (3) card_fontsize, or (4) card_color parameters. The note indicates the card_id vector was later reported to affect vCard...
vCard2x.txt
Hello Vulnerable: vCard 2.x http://www.belchiorfoundry.com Exploit : http://example.com/vcard/create.php?cardid='alertdocument.cookie http://example.com/vcard/create.php?uploaded='alertdocument.cookie http://example.com/vcard/create.php?cardfontsize='alertdocument.cookie...
XSS in vCard
Hello Vulnerable: vCard 2.x http://www.belchiorfoundry.com Exploit : http://example.com/vcard/create.php?cardid='scriptalertdocument.cookie/script http://example.com/vcard/create.php?uploaded='scriptalertdocument.cookie/script...