HotPlugCMS version 1.0 is susceptible to a cross site scripting flaw.
68419139cda674fc2852fc1e7cfd0fd4Cisco Secure ACS LoginProxy.cgi has been found to be vulnerable to Cross Site Scripting attacks via both GET and POST requests due to a failure to properly filter undesirable user input. Successful exploitation could result in a loss of privacy of sensitive data, such as usernames and passwords. Exploitation details provided.
845172879ee4eabd67b6dd8fc63bdca5Andy's Chat version 4.5 suffers from a remote file inclusion flaw.
54d0c155df2e7f3710a92df2b7696bdaHotPlugCMS version 1.0 suffers from a SQL injection vulnerability.
5ae6290371c5086125e5f972cd621c33RedTeam has identified a SQL injection that can be triggered due to a lack of user input sanitization in phpBannerExchange versions 2.0 RC5 and below. It is possible to recover a password of a user and thereby overtake his account.
92155311e0e3fa99e3565e9110bfd108RedTeam has identified two SQL injections in phpBannerExchange versions 2.0 RC5 and below. It is possible to bypass user authentication with them.
dcf1d508958fda127419fa69e6985f18Biblenet.net suffers from multiple cross site scripting flaws.
59f9f6f3325aa27a95dda4d9a3bc85b8MP3 Search/Archive version 1.2 suffer from a cross site scripting flaw.
8c545ba5555fc22c8370947c38d6d935B3ta.com suffers from a cross site scripting flaw.
302bf74fc34d92a0ab210209e06c2dacAPBoard versions 2.2-r3 and below suffer from SQL injection flaws.
03d63143b493ae2eed24039dd8574d2dEprayer is susceptible to cross site scripting attacks.
da47d3ea18f5669a9cb96cec6b8be537Setuid programs that are part of the iPlanet Messaging Server version 5.2 HotFix 1.16 try to read the configuration file msg.conf. If the environment variable CONFIGROOT is set, the configuration is read from that directory. A symlink attack is possible, and as a result it is possible to read the first line of any file with uid 0 privileges.
928ac1ba0a1465275897f4e0bcc8bda5Confixx versions 3 and below suffer from a cross site scripting flaw in ftp_index.php.
28ad70896c517ba9b17d446625d24112ISPConfig version 2.2.3 suffers from a file inclusion vulnerability.
b782559adcd80e1598ecadd366d2c0fdPhpBlueDragon CMS version 2.9.1 suffers from a file inclusion vulnerability.
e361634b53e1bd8ef5e8e4ee76f5506cConfixx versions 3 and below suffer from a cross site scripting flaw.
b51dd8db8c1e829026757a9d968af2c6Secunia Research has discovered some vulnerabilities in DeluxeBB version 1.06, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
6ece499572842c432fef3343e082165dFusion Polls appear susceptible to a remote file inclusion vulnerability.
8637349cdeedfcbafa7db28c5191541aFlipper Poll appears susceptible to a remote file inclusion vulnerability.
cb3c3bb37682185e6e39dffca184f9cfRahnemaCo appears susceptible to a remote file inclusion vulnerability.
345d482fef764c28f0330436b36049e0Technorati.com appears vulnerable to cross site scripting attacks.
6d2c00500418068c204886960c33dd6e43things.com appears vulnerable to cross site scripting attacks.
4ef916296ab0d7daf0a051ac8b9dc694Blogspot.com appears vulnerable to cross site scripting attacks.
c5506d67c5b124b617c7769095970d18The Ashop search module is susceptible to SQL injection attacks.
957aa3324427d9f7c8a7342221eb2682ISO.org appears vulnerable to cross site scripting attacks.
7a255cb0ea03b64eeb44dbd1d885a1a2
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed