49 matches found
EUVD-2013-3572
Malware in sbrugna...
EUVD-2006-0574
Malware in sbrugna...
EUVD-2005-3924
Malware in sbrugna...
EUVD-2007-2246
Malware in sbrugna...
SUSE CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...
Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit
No description provided by source. ?php ---XarayaDOS.php 17.30 28/11/2005 Xaraya =1.0.0 RC4 D.O.S coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: Hold out baits to entice the enemy. Feign disorder, and crush him. errorreporting...
CVE-2013-3639
Multiple cross-site scripting XSS vulnerabilities in Xaraya 2.4.0-b1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 interface, 3 name, or 4 tabmodule parameter to index.php...
CVE-2013-3639
Multiple cross-site scripting XSS vulnerabilities in Xaraya 2.4.0-b1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 interface, 3 name, or 4 tabmodule parameter to index.php...
CVE-2013-3639
CVE-2013-3639 details multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 and earlier, exploitable via index.php parameters (id, interface, name, tabmodule). Root cause: insufficient sanitisation of user-supplied data delivered to /index.php, enabling an attacker to craft links...
Multiple XSS Vulnerabilities in Xaraya
Advisory ID: HTB23156 Product: Xaraya Vendor: Xaraya Development Group Vulnerable Versions: 2.4.0-b1 and probably prior Tested Version: 2.4.0-b1 Vendor Notification: May 15, 2013 Public Disclosure: June 26, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2013-3639 Risk...
Xaraya - Multiple Cross-Site Scripting Vulnerabilities
Xaraya - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/60795/info Xaraya is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML a...
Xaraya 2.4.0-b1 Cross Site Scripting
Advisory ID: HTB23156 Product: Xaraya Vendor: Xaraya Development Group Vulnerable Versions: 2.4.0-b1 and probably prior Tested Version: 2.4.0-b1 Vendor Notification: May 15, 2013 Public Disclosure: June 26, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2013-3639 Risk...
Xaraya - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/60795/info Xaraya is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user i...
Multiple XSS Vulnerabilities in Xaraya
High-Tech Bridge Security Research Lab discovered four XSS vulnerabilities in Xaraya, which can be exploited to perform cross-site scripting attacks against administrators of vulnerable application. 1 Multiple Cross-Site Scripting XSS in Xaraya: CVE-2013-3639 1.1 The vulnerability exists due to...
Xaraya 2.2.0 Beta 1 Path Disclosure
Vulnerability ID: HTB22829 Reference: http://www.htbridge.ch/advisory/pathdisclosureinxaraya.html Product: Xaraya Vendor: Xaraya Development Group http://www.xaraya.com/ Vulnerable Version: 2.2.0 beta 1 Vendor Notification: 01 February 2011 Vulnerability Type: Path disclosure Risk level: Low...
HTB22829: Path disclosure in Xaraya
Vulnerability ID: HTB22829 Reference: http://www.htbridge.ch/advisory/pathdisclosureinxaraya.html Product: Xaraya Vendor: Xaraya Development Group http://www.xaraya.com/ Vulnerable Version: 2.2.0 beta 1 Vendor Notification: 01 February 2011 Vulnerability Type: Path disclosure Risk level: Low...
Cross-Site Scripting vulnerability in Xaraya
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в системе Xaraya. XSS: Уязвимость в index.php в параметре d. http://site/?module=search&q=';alertdocument.cookie;// В последних версиях системы уязвимость уже исправлена. Дополнительная информация о данной уязвимост...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Xaraya: crossite scripting...
CVE-2007-2251
Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain privileges via unspecified vectors, probably related to incorrect permission checking in xartemplates/user-view.xd...
Code injection
Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain privileges via unspecified vectors, probably related to incorrect permission checking in xartemplates/user-view.xd...