Lucene search
+L

2580 matches found

Packet Storm
Packet Storm
added 2005/03/03 12:0 a.m.16 views

HRG006.txt

HRG - Hackerlounge Research Group Release: HRG006 Monday 03/01/05 427BB The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: 427BB Any Version --- General Information: 427BB Is a simple board...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/02/17 12:0 a.m.32 views

[PersianHacker.NET 200505-06] paNews v2.0b4 XSS Vulnerability

PersianHacker.NET 200505-06 paNews v2.0b4 XSS Vulnerability Date: 2005 February Bug Number: 06 paNews is a news management script to use on your site. Users can use paCode, special code designed to allow the adding of images and font changes in the posts without allowing users to use HTML to post...

1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/03 12:0 a.m.9 views

Sunshop < 3.4RC2 index.php search Parameter XSS

Binary data 2590.prm...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/01/18 12:0 a.m.22 views

sparkleBlog.txt

Various Vulnerabilities in SparkleBlog SparkleBlog is an open-source PHP script which allows you to input and edit your weblog entries, without having to go through the hassle of coding in HTML and uploading via FTP every time you want to make an update. A weblog aka blog is simply an online...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/01/16 12:0 a.m.23 views

Various Vulnerabilities in SparkleBlog

Various Vulnerabilities in SparkleBlog SparkleBlog is an open-source PHP script which allows you to input and edit your weblog entries, without having to go through the hassle of coding in HTML and uploading via FTP every time you want to make an update. A weblog aka blog is simply an online...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/01/06 12:0 a.m.21 views

[Full-Disclosure] Xanga Cookie Stealing Vunerability XSS - GNAA Security Center

Vendor: Xanga URL: http://www.xanga.com/ Versions: Current Remote: Yes vendor notified: 06 Oct 2004 at 14:08 Vendor response: NONE Summary: Xanga is a fully featured blogging system, it provides great control over look & feel of a users blog by allowing HTML with only basic checks. Xanga has well...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2004/11/23 12:0 a.m.31 views

PHPKIT SQL Injection, XSS

Author: Steve Date: November 22, 2004 Affected Software:PHP KIT Software Version: 1.6.03 - 1.6.1 Software URL: http://www.phpkit.de Attack: SQL Injection, allowing people to manipulate the query into pulling data. XSS What is PHPKIT: PHPKIT is a modular developed Homepage Software which can simpl...

0.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/11/17 12:0 a.m.35 views

SquirrelMail: Encoded text XSS vulnerability

Background SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP, and can optionally be installed with SQL support. Description SquirrelMail fails to properly sanitize certain strings when decoding specially-crafted headers. Impact By enticing a user to read a...

6.8CVSS1.4AI score0.02818EPSS
Exploits0
Packet Storm
Packet Storm
added 2004/09/10 12:0 a.m.20 views

phpSQLnuke.pl

XSS/SQL Injection PHP-Nuke Delete Messages Bug by bima Php-Nuke is a popular freeware content management system. Based on information at : http://www.mantralab.org/modules.php/modulo/news/lanotizia/%5BXSS%5D+PHP-Nuke+7.4+Add+Message+Bug An attacker permitted to post to global home-page messages. ...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2004/08/20 12:0 a.m.12 views

imp3 -- XSS hole in the HTML viewer

The script vulnerabilities can only be exposed with certain browsers and allow XSS attacks when viewing HTML messages with the HTML MIME viewer...

2.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/02 12:0 a.m.22 views

Phorum search.php subject Parameter XSS

The remote version of Phorum contains a script called 'search.php' that is vulnerable to a cross-site scripting attack. An attacker may be able to exploit this problem to steal the authentication credentials of third-party users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

4.3CVSS5.2AI score0.03579EPSS
Exploits1References3
securityvulns
securityvulns
added 2004/05/31 12:0 a.m.40 views

SquirrelMail &quot;Content-Type&quot; XSS vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =============================== - RS-Labs Security Advisory - =============================== Tittle: SquirrelMail "Content-Type" XSS vulnerability ID: RS-2004-1 Severity: Medium / High - Arbitrary tags injection in victim's browser context Date:...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2004/04/15 12:0 a.m.22 views

[Full-Disclosure] [SCAN Associates Sdn Bhd Security Advisory] Postnuke v 0.726 and below SQL injection

Products: Postnuke v 0.726 http://www.postnuke.com Date: 15 April 2004 Author: pokleyzz pokleyzzatscan-associates.net Contributors:skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: Postnuke v 0.726 and below SQL injection...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2004/03/27 12:0 a.m.93 views

[waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]

================================================================================ waraxe-2004-SA012 ================================================================================ Multiple vulnerabilities in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/03/26 12:0 a.m.29 views

[Full-Disclosure] Blogger XSS Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------ BLOGGER XSS VULNERABILITY - ------------------------------------------------------ Online URL : http://ferruh.mavituna.com/article/?470 Severity : Moderately Critical for Members Permanent Accou...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2003/10/31 12:0 a.m.23 views

Multiple Vulnerabilities in Led-Forums

Product: Led-Forums Versions: Beta 1 Vulnerability: XSS- and redirection-Bug Date: October 30, 2003 Discovered by: ProXy [email protected] 1. - XSS-Bug The Welcome-Message of the Led-Forums software could be changed by everybody. Normal Text, HTML and Javascript it's all allowed! : eg:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/09/30 12:0 a.m.40 views

ECHU.ORG Alert #4: GuppY makes XSS attacks easy

-------------------------------- | GuppY makes XSS attacks easy | -------------------------------- PROGRAM: GuppY VULNERABLE VERSIONS: All versions under 2.4p1 IMMUNE VERSIONS: 2.4p1 SEVERITY: high Tested version ============== GuppY 2.4 on the official GuppY website. Description ============...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2003/06/21 12:0 a.m.137 views

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures -------------------- Product: phpMyAdmin Vendor: phpMyAdmin Development Team Versions: VULNERABLE - 2.5.2 CVS in Development - 2.5.x - 2.4.x - 2.3.x - 2.2.x - 2.1.x - 2.0.x - 1.x.x NO...

7.2AI score
Exploits0
phpMyAdmin
phpMyAdmin
added 2003/06/18 12:0 a.m.42 views

Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago.

PMASA-2003-1 Announcement-ID: PMASA-2003-1 Date: 2003-06-18 Summary Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago. Description Reporter wrote that he found following issues within phpMyAdmin code each issue is followed...

5.5AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/03/23 12:0 a.m.86 views

DCP-Portal Multiple Script XSS

The version of DCP-Portal installed on the remote host fails to sanitize input to the script 'calendar.php' before using it to generate dynamic HTML, that could let an attacker execute arbitrary code in the browser of a legitimate user. It may also be affected by HTML injection flaws, which could...

4.3CVSS5.7AI score0.05324EPSS
Exploits3References4
Rows per page
Query Builder