CVE-2006-1785

Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading 1 ftp or 2 http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this...

DSA-999-1 lurker - several

Bulletin has no description...

PHP Web Scripts Ad Manager Pro 2.0 - 'Advertiser_statistic.php' SQL Injection

source: https://www.securityfocus.com/bid/15847/info Ad Manager Pro is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

PHP Web Scripts Ad Manager Pro 2.0 - Advertiser_statistic.php SQL Injection

PHP Web Scripts Ad Manager Pro 2.0 - Advertiserstatistic.php SQL Injection source: https://www.securityfocus.com/bid/15847/info Ad Manager Pro is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in ...

KLA10185 Multiple vulnerabilities in Groove

Multiple serious vulnerabilities have been found in Groove products. Malicious users can exploit these vulnerabilities to obtain sensitive information, inject web scripts, bypass security restrictions and spoof filenames. Below is a complete list of vulnerabilities 1. Improper file extension...

CVE-2003-1175

Cross-site scripting XSS vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter...

CVE-2003-0154

Cross-site scripting vulnerabilities XSS in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via 1 the file, root, or rev parameters to cvslog.cgi, 2 the file or root parameters to cvsblame.cgi, 3 various parameters to cvsquery.cgi, 4 the person parameter to...