17 matches found
EUVD-2008-0518
Malware in sbrugna...
EUVD-2011-0772
Malware in sbrugna...
Cross site scripting
Cross-site Scripting XSS vulnerability in the 'notes' field of a discovered scan asset in Rapid7 Metasploit Pro allows an attacker with a specially-crafted network service of a scan target store an XSS sequence in the Metasploit Pro console, which will trigger when the operator views the record o...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attackers to perform actions as administrators, as demonstrated by inserting an XSS sequence into a document...
CVE-2008-1719
Multiple cross-site request forgery CSRF vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attackers to perform actions as administrators, as demonstrated by inserting an XSS sequence into a document...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence...
CVE-2008-1250
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in deanspermalinksmigration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure aka deanpmconfigoldstructure configuration setting as administrators via the oldstruct parameter in a...
CVE-2008-0508
Cross-site request forgery CSRF vulnerability in deanspermalinksmigration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure aka deanpmconfigoldstructure configuration setting as administrators via the oldstruct parameter in a...
CVE-2008-0508
CVE-2008-0508 corresponds to a CSRF vulnerability in the WordPress plugin Dean’s Permalinks Migration 1.0. The flaw affects deans_permalinks_migration.php, enabling remote attackers to modify the oldstructure configuration (dean_pm_config[oldstructure]) via the old_struct parameter when pressing ...
CVE-2008-0508
Cross-site request forgery CSRF vulnerability in deanspermalinksmigration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure aka deanpmconfigoldstructure configuration setting as administrators via the oldstruct parameter in a...
CVE-2007-5415
Cross-site scripting XSS vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' slash characters to delimit a literal string within an XSS sequence, a related...
Cross site scripting
Cross-site scripting XSS vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to delimit a literal string within an XSS sequence, a...
CVE-2007-5415
Cross-site scripting XSS vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' slash characters to delimit a literal string within an XSS sequence, a related...
CVE-2007-4141
OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain sensitive information via a request containing an XSS sequence in the action parameter to index.php, which reveals the path in an error message...
Design/Logic Flaw
OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain sensitive information via a request containing an XSS sequence in the action parameter to index.php, which reveals the path in an error message...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence in the query string...