Lucene search
K

966 matches found

securityvulns
securityvulns
added 2007/01/20 12:0 a.m.61 views

MyShoutBox Multiple Cross-Site Scripting Vulnerability

A Shoutbox is a new interaction possiblity for visitors to your site! With a Shoutbox, site visitors develop a durable, personal relationship with your homepage. Customer relations is indispensable for today's websites. Hackers Center Security Group http://www.hackerscenter.com Credit: Doz Risk:...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2007/01/20 12:0 a.m.58 views

Paypal Subscription Manager Multiple HTML Injections

Paypal Subscription Manager allows webmaster easily create subscription web site, visitors can access to digital product instantly after paying through Paypal, PSM provides ability to effortlessly process subscription and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2007/01/17 12:0 a.m.53 views

InstantForum.NET Multiple Cross-Site Scripting Vulnerability

InstantForum.NET Multiple Cross-Site Scripting Vulnerability ASP.NET based discussion forum. Full administration, WYSIWYG editor, Permission based forum access, Assign forum moderators, VS.NET solution available. InstantForum.NET is the most comprehensive, high performance ASP.NET & SQL Server...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2007/01/16 12:0 a.m.38 views

instant-xss.txt

InstantForum.NET Multiple Cross-Site Scripting Vulnerability ASP.NET based discussion forum. Full administration, WYSIWYG editor, Permission based forum access, Assign forum moderators, VS.NET solution available. InstantForum.NET is the most comprehensive, high performance ASP.NET & SQL Server...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/01/03 12:0 a.m.40 views

AShop Shopping Cart Multiple XSS Vulnerabilities

Ashop Commerce provides a turn-key ecommerce solution with it's revolutionary online store building software. One of the worlds most easy to use web based administrations with award winning features allows the merchant to set up an online store capable of competing with the webs most powerful...

1.5AI score
Exploits0
Packet Storm
Packet Storm
added 2006/12/28 12:0 a.m.18 views

phplive322-xss.txt

PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. The application if full of xss holes...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/12/26 12:0 a.m.38 views

PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities

PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. The application if full of xss holes...

1.2AI score
Exploits0
seebug.org
seebug.org
added 2006/12/22 12:0 a.m.38 views

Typo3 Class.TX_RTEHTMLArea_PI1.PHP多个命令执行漏洞

Typo3是一款基于PHP的WEB应用程序。 Typo3不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是脚本对用户提交的'useruid'参数缺少过滤,提交包含SHELL元字符命令的字符串作为参数数据,可导致以WEB权限执行任意命令。 Typo3 Typo3 4.0.3 Typo3 Typo3 4.0.2 Typo3 Typo3 4.0.1 Typo3 Typo3 3.7 .0 Typo3 Typo3 4.0 Typo3 Typo3 3.8 http://typo3.org/ Attackers can exploit these issues via ...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/11/14 12:0 a.m.38 views

MS06-067: Cumulative Security Update for Internet Explorer (922760)

The remote host is missing the IE cumulative security update 922760. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. Note that Microsoft has re-released this hotfix as its initial version contained a buffer overflo...

7.6CVSS6.7AI score0.78755EPSS
Exploits4References4
seebug.org
seebug.org
added 2006/10/28 12:0 a.m.30 views

Microsoft Windows Web Client缓冲区溢出漏洞(MS06-008)

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows的Web Client服务中存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在主机上执行任意指令。 远程攻击者可以通过向有漏洞系统发送特制的WebDAV请求导致执行任意指令。但是,攻击者必须拥有有效的登录凭据才可以利用这个漏洞。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2006/09/28 12:0 a.m.150 views

net2ftp: a web based FTP client :) <= Remote File Inclusion

+-------------------------------------------------------------------- + + net2ftp: a web based FTP client : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: net2ftp: a web based FTP client + Venedor ...........:...

0.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/08/10 8:55 p.m.4 views

httpd: Expect header XSS

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

4.3CVSS7.1AI score0.94281EPSS
Exploits7References4
CVE
CVE
added 2006/07/13 10:0 a.m.42 views

CVE-2006-3574

CVE-2006-3574 involves XSS vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client (affected before 07-20-/D) and uCosminexus Collaboration Portal and Forum/File Sharing (affected before 06-20-/C). The issue allows remote execution of malicious scripts via unknown vectors. The pro...

6.8CVSS6.1AI score0.01414EPSS
Exploits0References6Affected Software3
Check Point Advisories
Check Point Advisories
added 2006/02/22 12:0 a.m.4 views

Microsoft Windows Web Client Remote Code Execution (MS06-008; CVE-2006-0013)

Web Client WebDAV is a system service that allows Web-based Distributed Authoring and Versioning. Remote code execution vulnerability exists in the way that Windows processes Web Client requests that could allow an attacker who successfully exploited this vulnerability to take complete control of...

6.5CVSS6.6AI score0.34854EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/02/15 12:0 a.m.92 views

MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution (911927) (uncredentialed check)

The remote version of Windows contains a flaw in the Web Client service that may allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need credentials to log into the remote host. C Tenable Network Security, Inc. include"compat.inc"; if descripti...

6.5CVSS6.2AI score0.34854EPSS
Exploits0References2
NVD
NVD
added 2006/02/14 7:6 p.m.21 views

CVE-2006-0013

Buffer overflow in the Web Client service WebClnt.dll for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207...

6.5CVSS7.3AI score0.34854EPSS
Exploits0References12
Prion
Prion
added 2006/02/14 7:6 p.m.14 views

Buffer overflow

Buffer overflow in the Web Client service WebClnt.dll for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207...

6.5CVSS7.7AI score0.34854EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2006/02/14 7:0 p.m.25 views

CVE-2006-0013

Buffer overflow in the Web Client service WebClnt.dll for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207...

7.3AI score0.34854EPSS
Exploits0References12
CVE
CVE
added 2006/02/14 7:0 p.m.71 views

CVE-2006-0013

Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...

6.5CVSS7.4AI score0.34854EPSS
Exploits0References12Affected Software2
Check Point Advisories
Check Point Advisories
added 2006/02/14 12:0 a.m.8 views

Update Protection against Microsoft Windows Web Client Service Vulnerability (MS06-008)

A vulnerability was detected in Microsoft Windows Web Client service. The Web Client Service allows applications to access documents on the Internet by using the WebDAV protocol. WebDAV is a set of extensions to the HTTP protocol that allows users to collaboratively edit and manage files on remot...

6.5CVSS3.4AI score0.34854EPSS
Exploits0
Rows per page
Query Builder