20 matches found
CVE-2005-1076
Cross-site scripting XSS vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field...
EUVD-2008-1234
Malware in sbrugna...
EUVD-2004-1865
Malware in sbrugna...
EUVD-2005-1079
Malware in sbrugna...
EUVD-2004-2007
Malware in sbrugna...
WebCT Campus Edition 3.8/4.x HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9999/info It has been reported that WebCT Campus Edition may be prone to an HTML injection vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in the browser of an unsuspecting user. A...
WebCT 4.x Javascript Session Stealer
WebCT 4.x Javascript Session Stealer Exploits Software: WebCT Campus Edition 4.x http://secunia.com/product/3280/ Affected Version: 4.1.5.8 Discoverer: Benjamin "balupton" Lupton Date Discovered: November 2005 Date Reported: 25/06/2007 Software Author Contacted again on: 20/07/2007 Date Published...
CVE-2008-1225
Multiple cross-site scripting XSS vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a 1 mail message or 2 discussion board message. NOTE: this might overlap CVE-2005-1076...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a 1 mail message or 2 discussion board message. NOTE: this might overlap CVE-2005-1076...
CVE-2008-1225
WebCT Campus Edition 4.1.5.8 contains multiple XSS vulnerabilities when “Don’t wrap text” is enabled, allowing remote authenticated users to inject arbitrary script/HTML via a mail message or discussion board message. Root cause is input handling in the discussion/mail features; exploit details a...
CVE-2008-1225
Multiple cross-site scripting XSS vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a 1 mail message or 2 discussion board message. NOTE: this might overlap CVE-2005-1076...
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection source: https://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...
CVE-2004-1872
CVE-2004-1872 affects WebCT Campus Edition 4.1.1.5 and is a Cross-site Scripting (XSS) vulnerability that allows remote injection of arbitrary script/HTML via the @import URL function in a CSS style tag. The NVD CVSS v2 base score is 4.3 (MEDIUM) with network access, no authentication, and partia...
CVE-2004-2015
Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...
CVE-2004-2015
CVE-2004-2015 is an XSS vulnerability in WebCT Campus Edition. The issue allows remote attackers to inject arbitrary HTML or web script through iframe, img, or object tags. The available documents confirm the affected product and the vulnerable vectors but do not specify root cause details beyond...
CVE-2005-1076
Cross-site scripting XSS vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field...
CVE-2005-1076
CVE-2005-1076 describes a cross-site scripting (XSS) vulnerability in the WebCT Campus Edition 4.1 discussion board, allowing an attacker to inject arbitrary script/HTML via the message field. The connected Red Hat and CVE-2008-1225 records corroborate XSS in WebCT 4.1.5.8 and note potential over...
CVE-2004-2015
Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...
WebCT Campus Edition 4.1 - Cross site scripting using CSS @import
Name: WebCT Campus Edition 4.1 - Cross site scripting using CSS @import Release date: 2004/03/29 Application: WebCT Campus Edition 4.1 4.1.1.5, possibly others Vendor URL: http://www.webct.com/ WebCT Inc. Author: Simon Boulet simon boulet divahost net Legal Notice: -------------------- This...
CVE-2004-1872
Cross-site scripting XSS vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag...