Lucene search
K

968 matches found

securityvulns
securityvulns
added 2007/12/27 12:0 a.m.62 views

IPortalX Forums Cross-Site Scripting Vulnerability

HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/24 12:0 a.m.36 views

dokeos-xss.txt

HSC Dokeos Multiple Cross-Site Scripting Vulnerabilities Dokeos is a learning management systemused to manage e-learning. It's prone to cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the conte...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/18 12:0 a.m.56 views

wconnect-xss.txt

HSC WCONNECT WC.DLL Cross-Site Scripting Vulnerability West Wind Web Connection is a tool for building Web applications using the Visual FoxPro environment but is also Vulnerable to Cross-Site scripting attacks. Admins need to password protect the application since its installed with out password...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2007/12/03 10:0 p.m.40 views

CVE-2007-6203

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...

7.6AI score0.80749EPSS
Exploits1References31
Debian CVE
Debian CVE
added 2007/12/03 10:0 p.m.39 views

CVE-2007-6203

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...

4.3CVSS5.6AI score0.80749EPSS
Exploits1
Packet Storm
Packet Storm
added 2007/11/27 12:0 a.m.19 views

gwextranet-multi.txt

HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/27 12:0 a.m.37 views

mps-insertion.txt

HSCMySpace Scripts - Poll Creator JavaScript Injection Vulnerability Our MySpace Poll Creator script is the ultimate addition to your MySpace resource site. The script enables your user to quickly and easily create a poll that they can post to profile or bulletin to all their friends. Everyone...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/11/26 12:0 a.m.53 views

GWExtranet Script Injections & Privilege Escalation Vulnerability

HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...

1.1AI score
Exploits0
Cvelist
Cvelist
added 2007/11/05 5:0 p.m.24 views

CVE-2007-5808

Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client -...

6.1AI score0.01442EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2007/10/29 12:0 a.m.40 views

smartshop-xss.txt

HSC Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability SMART-SHOP shopping cart software is a all-in-one hosted e-commerce solution that creates and helps you maintain your online store fast, easy, and cost-effective. Many people using this software must be warned that there are holes in...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/10/10 12:0 a.m.101 views

DNewsWeb Softwares Cross Site Scripting Vulrnability

HSC DNewsWeb Softwares Cross Site Scripting Vulrnability The DNews News Server is advanced news server software that makes it easy for you to provide users with fast access to Internet Usenet news groups. Installing your own l ocal news server software also gives you complete control to create yo...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/10/10 12:0 a.m.30 views

dnewsweb-xss.txt

HSC DNewsWeb Softwares Cross Site Scripting Vulrnability The DNews News Server is advanced news server software that makes it easy for you to provide users with fast access to Internet Usenet news groups. Installing your own l ocal news server software also gives you complete control to create yo...

Exploits0
securityvulns
securityvulns
added 2007/10/02 12:0 a.m.104 views

eGov Content Manager Cross Site Scripting Vulrnability

HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2007/09/13 12:0 a.m.97 views

Boinc Forum Cross Site Scripting Vulrnability

HSC Boinc Forum Cross Site Scripting Vulrnability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

1.2AI score
Exploits0
Packet Storm
Packet Storm
added 2007/09/13 12:0 a.m.27 views

boinc-xss.txt

HSC Boinc Forum Cross Site Scripting Vulrnability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/08/28 12:0 a.m.43 views

InterWorx-CP Multiple HTML Injections Vulnerabilitie

HSC InterWorx-CP Multiple HTMl Injection Vulnerabilities The InterWorx Hosting Control Panel InterWorx-CP is a dedicated server control panel. InterWorx suffers from multiple HTMl injection vulnerabilities. JavaScript and Cross site scripting are just few found vulns, more sophisticated attacks...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2007/07/28 12:0 a.m.30 views

phpsysinfo-xss.txt

HSC PHPSysInfo Index.php Cross Site Scripting PhpSysInfo is a PHP script that displays information about the host being accessed. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/06/21 12:0 a.m.40 views

csc-sqlxss.txt

--- Comersus Shop Cart 7.07 SQL Injection & XSS Comersus is an active server pages asp software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/06/07 12:0 a.m.26 views

cactushop-mdb.txt

Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/05/03 12:0 a.m.51 views

Aardvark Topsites PHP Directory Disclosure Vulnerability

Aardvark Topsites PHP Directory Disclosure Vulnerability Aardvark Topsites PHP is the premier free PHP/MySQL topsites script. An attacker can see what files are in the Directory. Knowing what is there to be executed can allow for more targeted and intelligent attacks against PHP Files known to be...

0.5AI score
Exploits0
Rows per page
Query Builder