Input Validation Error

Post Revolution 0.8.0c Multiple Remote Vulnerabilities

info
———————————
Name :  Post Revolution 0.8.0c Multiple Remote Vulnerabilities
Class: Design Error && Input Validation Error
CVE: CVE-2011-1952, CVE-2011-1953, CVE-2011-1954
Remote: Yes
Local: No
Credit :  Javier Bassi <javierbassi [at] gmail [dot] com>
Vulnerable :  All versions prior to and including 0.8.0c are affected.
Vendor Homepage :  http://postrev.com.ar

Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of Service Vulnerability

Date:    Feb 25 2009
Class:    Input Validation Error
Local:    Yes
Remote:    Yes
Vulnerable Versions:
    * Apple Safari 4 (528.16) Public Beta


InterWorx-CP Multiple HTML Injections Vulnerabilities

Credit: Doz


Remote: Yes
Local: Yes
Class: Input Validation Error



Products:


X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities

http://blog.hispasec.com/lab/

Name         : X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities
Class        : Local/Remote multiple directory traversal (Input Validation Error)
Threat level : HIGH
Discovered   : 2007-08-09
Published    : 2007-08-23
Credit       : Gynvael Coldwind
Vulnerable   : 0.92 (build 573), 0.92 (build 565), prior also may be affected

IpTools(Tiny TCP/IP server) - WebServer Directory Traversal Vulnerability

Software Version : 0.1.4

Vendor: http://iptools.sourceforge.net/iptools.html

Class:  Input Validation Error  

CVE:
 
Remote:  Yes  


XSS holes dotDefender

dotDefender is prone to XSS because it doesn't sanitize the input vars 
correctly. Injecting obfuscated JavaScript code based on references vars 
assignment, the dotDefender WAF is vulnerable.

Class: Input Validation Error
Remote: Yes
Credit: David K. (SH4V)
Vulnerable: till 4.02

Exploit:

Smart-Shop Shopping Cart Cross-Site Scripting Vulnerability

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error


Vendor: http://www.smart-shop.com
Product: Smart-Shop


WebBatch Applications Cross Site Scripting Vulnerability

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error
Remote: YES
Local: N/A
Platform: Windows Servers



CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability

Version : Free Version

Vendor: http://www.cjwsoft.com/aspguest/default.asp

Class:  Input Validation Error  

CVE:
 
Remote:  Yes  


PHPSysInfo Index.php Cross Site Scripting

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error

Remote: Yes
Local: N/A

Product: PHPSysInfo

Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02

# _____________________________________________________________________________________________
#     .: [Classification]   
#    Attack Type:     Input Manipulation
#    Impact:          Loss of Integrity 
#    Fix: N/A         Public release vulnz: {27-07-2008 Sun}
#    Class            Input Validation Error
# _____________________________________________________________________________________________
#     .: [Solution]    
#    Upgrade to version 4.03 or higher, as it has been reported to fix this vulnerability. 
#    An upgrade is required as there are no known workarounds. 
#    Actual Version: Web Wiz Rich Text Editor (RTE) 4.02

Multiple XSS Vulnerabilities in World Recipe 2.11

Date:   2008/12/15

Status: Full

Class:  Input Validation Error

Bugtraq ID:     N/A

Category:       Cross Site Scripting


Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability

Version : Free Version

Vendor: http://www.LastGuru.com

Class:  Input Validation Error  

CVE:
 
Remote:  Yes  


Omnistar Live Software Cross-Site Scripting Vulnerability

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error


Vendor: http://www.omnistarlive.com
Product: Omnistar Live


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.