966 matches found
MyShoutBox Multiple Cross-Site Scripting Vulnerability
A Shoutbox is a new interaction possibility for visitors to your site! With a Shoutbox, site visitors develop a durable, personal relationship with your homepage. Customer relations is indispensable for today's websites. Hackers Center Security Group http://www.hackerscenter.com Credit: Doz Risk:...
Paypal Subscription Manager Multiple HTML Injections
Paypal Subscription Manager allows webmasters to easily create a subscription web site; visitors can access digital products instantly after paying through Paypal. PSM provides the ability to effortlessly process subscriptions and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...
InstantForum.NET Multiple Cross-Site Scripting Vulnerability
InstantForum.NET Multiple Cross-Site Scripting Vulnerability ASP.NET based discussion forum. Full administration, WYSIWYG editor, Permission based forum access, Assign forum moderators, VS.NET solution available. InstantForum.NET is the most comprehensive, high performance ASP.NET & SQL Server...
instant-xss.txt
InstantForum.NET Multiple Cross-Site Scripting Vulnerability ASP.NET based discussion forum. Full administration, WYSIWYG editor, Permission based forum access, Assign forum moderators, VS.NET solution available. InstantForum.NET is the most comprehensive, high performance ASP.NET & SQL Server...
AShop Shopping Cart Multiple XSS Vulnerabilities
Ashop Commerce provides a turn-key ecommerce solution with its revolutionary online store building software. One of the world's easiest to use web based administrations, with award winning features, allows the merchant to set up an online store capable of competing with the web's most powerful...
phplive322-xss.txt
PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. The application is full of XSS holes...
PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities
PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. The application is full of XSS holes...
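Typo3 Class.TX_RTEHTMLArea_PI1.PHP Multiple Command Execution Vulnerabilities
Typo3 is a PHP-based web application. Typo3 does not properly filter user-supplied input, and a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web server. The problem is that the script does not filter the user-supplied 'useruid' parameter; submitting a string containing shell metacharacter commands as the parameter data can lead to arbitrary command execution with the privileges of the web server. Typo3 Typo3 4.0.3 Typo3 Typo3 4.0.2 Typo3 Typo3 4.0.1 Typo3 Typo3 3.7.0 Typo3 Typo3 4.0 Typo3 Typo3 3.8 http://typo3.org/ Attackers can exploit these issues via ...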
MS06-067: Cumulative Security Update for Internet Explorer (922760)
The remote host is missing the IE cumulative security update 922760. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. Note that Microsoft has re-released this hotfix as its initial version contained a buffer overflo...
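Microsoft Windows Web Client Buffer Overflow Vulnerability (MS06-008)
Microsoft Windows is a very popular operating system released by Microsoft. A buffer overflow vulnerability exists in the Web Client service of Microsoft Windows, which a remote attacker may be able to exploit to execute arbitrary instructions on the host. A remote attacker can cause arbitrary instructions to be executed by sending a specially crafted WebDAV request to a vulnerable system. However, the attacker must have valid login credentials to exploit this vulnerability. Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003...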
net2ftp: a web based FTP client :) <= Remote File Inclusion
net2ftp: a web based FTP client : = Remote File Inclusion. Affected Software: net2ftp: a web based FTP client. Vendor: ...
httpd: Expect header XSS
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...
CVE-2006-3574
CVE-2006-3574 involves XSS vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client (affected before 07-20-/D) and uCosminexus Collaboration Portal and Forum/File Sharing (affected before 06-20-/C). The issue allows remote execution of malicious scripts via unknown vectors. The pro...
Microsoft Windows Web Client Remote Code Execution (MS06-008; CVE-2006-0013)
Web Client WebDAV is a system service that allows Web-based Distributed Authoring and Versioning. Remote code execution vulnerability exists in the way that Windows processes Web Client requests that could allow an attacker who successfully exploited this vulnerability to take complete control of...
MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution (911927) (uncredentialed check)
The remote version of Windows contains a flaw in the Web Client service that may allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need credentials to log into the remote host. C Tenable Network Security, Inc. include"compat.inc"; if descripti...
CVE-2006-0013
Buffer overflow in the Web Client service WebClnt.dll for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207...
Buffer overflow
Buffer overflow in the Web Client service WebClnt.dll for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207...
CVE-2006-0013
Mode C: Affected software and root cause: Microsoft Windows XP SP1/SP2 and Windows Server 2003 up to SP1 with the Web Client service (WebClnt.dll) are vulnerable. The issue is an unchecked buffer in the Web Client service that handles WebDAV/RPC messages, enabling remote code execution. Impact: a...
Update Protection against Microsoft Windows Web Client Service Vulnerability (MS06-008)
A vulnerability was detected in Microsoft Windows Web Client service. The Web Client Service allows applications to access documents on the Internet by using the WebDAV protocol. WebDAV is a set of extensions to the HTTP protocol that allows users to collaboratively edit and manage files on remot...