494 matches found
DubSite CMS 1.0 - Cross-Site Request Forgery
DubSite CMS 1.0 - Cross-Site Request Forgery Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS...
DubSite CMS 1.0 - Cross-Site Request Forgery
Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS Affected Versions: 1.0 Vulnerability Type:...
DubSite CMS 1.0 Cross Site Request Forgery
Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS Affected Versions: 1.0 Vulnerability Type:...
DubSite CMS v1.0 CSRF Vulnerability
Exploit for unknown platform in category web applications =================================== DubSite CMS v1.0 CSRF Vulnerability =================================== Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS...
[SECURITY] Fedora 10 Update: php-ZendFramework-1.7.7-2.fc10
Extending the art & spirit of PHP, Zend Framework is based on simplicity, object-oriented best practices, corporate friendly licensing, and a rigorou sly tested agile codebase. Zend Framework is focused on building more secure, reliable, and modern Web 2.0 applications & web services, and consumi...
XSS vector in Zend_Filter_StripTags
More info at https://framework.zend.com/security/advisory/ZF2009-02...
FreeBSD : Zend Framework -- Local File Inclusion vulnerability in Zend_View::render() (cf495fd4-fdcd-11dd-9a86-0050568452ac)
Matthew Weier O'Phinney reports : A potential Local File Inclusion LFI vulnerability exists in the ZendView::render method. If user input is used to specify the script path, then it is possible to trigger the LFI. Note that Zend Framework applications that never call the ZendView::render method...
LFI vector in Zend_View::setScriptPath() and render()
More info at https://framework.zend.com/security/advisory/ZF2009-01...
Zend Framework -- Local File Inclusion vulnerability in Zend_View::render()
Matthew Weier O'Phinney reports: A potential Local File Inclusion LFI vulnerability exists in the ZendView::render method. If user input is used to specify the script path, then it is possible to trigger the LFI. Note that Zend Framework applications that never call the ZendView::render method wi...
CVE-2006-5900
Cross-site scripting XSS vulnerability in the incubator/tests/Zend/Http/files/testRedirections.php sample code in Zend Framework Preview 0.2.0 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters...
CVE-2006-5900
Cross-site scripting XSS vulnerability in the incubator/tests/Zend/Http/files/testRedirections.php sample code in Zend Framework Preview 0.2.0 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters...
CVE-2006-5900
The CVE-2006-5900 entry concerns a Cross-site scripting (XSS) vulnerability in Zend Framework Preview 0.2.0, specifically in the incubator/tests/Zend/Http/_files/testRedirections.php sample code. The issue arises because arbitrary parameters can be used to inject arbitrary web script or HTML. The...
Armorize-ADV-2006-0009.txt
Armorize Technologies Security Advisory Advisory No: Armorize-ADV-2006-0009 Status: Partial Date: 2006/11/03 Summary: Armorize-ADV-2006-0009 discloses cross-site scripting vulnerability that is found in the sample codes of Zend Framework http://framework.zend.com/, which aims to provide a complet...
XSS Vulnerability in Zend Framework Preview 0.2.0
Armorize Technologies Security Advisory Advisory No: Armorize-ADV-2006-0009 Status: Partial Date: 2006/11/03 Summary: Armorize-ADV-2006-0009 discloses cross-site scripting vulnerability that is found in the sample codes of Zend Framework http://framework.zend.com/, which aims to provide a complet...