EUVD-2006-0690

Malware in sbrugna...

EUVD-2005-3897

Malware in sbrugna...

EUVD-2007-3972

Malware in sbrugna...

EUVD-2006-0692

Malware in sbrugna...

Virtual Hosting Control System 2.4.7 .1 Server_day_stats.PHP Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17790/info Virtual Hosting Control System is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Virtual Hosting Control System 2.2/2.4 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15538/info Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hostile HTML and script code into the browser...

[MajorSecurity Advisory #51]Virtual Hosting Control System - Session fixation Issue

MajorSecurity Advisory 51Virtual Hosting Control System - Session fixation Issue Details ======= Product: Virtual Hosting Control System Affected version: 2.4.7.1 and prior Remote-Exploit: yes Vendor-URL: http://www.vhcs.net Vendor-Status: informed Advisory-Status: published Credits ============...

Virtual Hosting Control System 2.4.7.1 - 'Server_day_stats.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17790/info Virtual Hosting Control System is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities

Virtual Hosting Control System 2.4.7.1 - Serverdaystats.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17790/info Virtual Hosting Control System is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitiz...

VHCS --- Virtual Hosting Control System Cross Site Scripting

---------------------------------------------------------- Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.u.r.a & R@1D3N & Smok3r ----------------------------------------------------------- Software: VHCS Link: http://www.vhcs.net Attack method: Cross Site...

Default credentials

changepassword.php in Virtual Hosting Control System VHCS 2.4.7.1 and earlier does not verify the old password when a user changes the password, which may allow remote attackers to gain unauthorized access...

CVE-2006-0685

The CVE-2006-0685 issue affects VHCS (Virtual Hosting Control System) up to version 2.4.7.1, where the check_login function in login.php does not exit on failed authentication. This enables a remote attacker to bypass authentication and gain unauthorized access to VHCS application scripts. The co...

Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password

source: https://www.securityfocus.com/bid/16600/info Virtual Hosting Control System VHCS is prone to multiple input and access vulnerabilities. VHCS is prone to an HTML-injection vulnerability and an authentication-bypass vulnerability. These issues could be exploited to gain administrative acces...

VHCSXSS.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SA0006 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++ VHCS 2.x HTTP Error Cross Site Scripting +++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ PUBLISHED ON Nov 22, 2005 PUBLISHED AT...

CVE-2005-3902

VHCS (Virtual Hosting Control System) versions 2.2.0 through 2.4.6.2 are affected by a cross-site scripting (XSS) vulnerability in gui/errordocs/index.php. Attackers can inject arbitrary script or HTML via query strings that are reflected in an error message. The advisory entries (NVD CVE-2005-39...

Virtual Hosting Control System 2.2/2.4 - Error Message Cross-Site Scripting

source: https://www.securityfocus.com/bid/15538/info Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hostile HTML and script code into the browser session of another user in the...

Virtual Hosting Control System 2.22.4 - Error Message Cross-Site Scripting

Virtual Hosting Control System 2.22.4 - Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/15538/info Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hosti...

[Full-Disclosure] Kernelpanik Labs Digest 2005-1

Hi and happy new year. This is a email digest with security fails recently published by Kernelpanik Labs http://www.kernelpanik.org Apache suEXEC Bypass -------------------- Small document about how bypass isolating procedures, i.e. suEXEC, in Apache WebServer. English document:...