Hackers Center Security Group

Oracle Application Server 10g Cross Site Scripting Vulnerability

This could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary code 
that can be executed by the user's browser in the security context of an affected site. Attackers 
can exploit these issues via a web client.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Oleg P.

Class: Cross Site Scripting
Remote: Yes
Risk: Medium

McAfee SecurityCenter Privacy Service HTML Execution Vulnerability

the system under the context of the user. These scripts can perform any action that the 
user would. The flaw lies in the processing of filtering that is saved after exiting.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: DoZ


Risk: Medium
Class: Input Validation Error

[HSC Security Group] Multiple CSRF in Joomla all versions - Complete compromise

[HSC] Multiple CSRF in Joomla all versions - Complete compromise


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Armando Romeo aka Zinho


Class: CSRF
Remote: Yes
Risk: HIGH

Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet)

environment. This could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary 
code that can be executed by the user's browser in the security context of an affected site. Attackers can 
exploit these issues via a web client.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Oleg P.

Class: Cross Site Scripting
Remote: Yes
Risk: Medium

RE: TimeTrex Time and Attendance Cookie Theft

attacker to obtain a copy of the cookie or perform other operations.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Cross Site Scripting
Remote: Yes


DeskPRO Admin Panel Multiple HTML Injections

effected in the Admin Control Panel. Also when we Set Workflow in ticket_rules_web.php
with HTML Injection we get an injection result. Then there is "/admincp/user_help.php?do=new_entry"
This simply allows one to inject any code into the PHP file.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error
Priority: Medium


Boinc Forum Cross Site Scripting Vulnerability

This may help the attacker steal cookie-based authentication credentials 
and launch other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Cross Site Scripting

WebBatch Applications Cross Site Scripting Vulnerability

This may help the attacker steal cookie-based authentication credentials 
and launch other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

Simple Machines Forum Cross-Site Scripting Vulnerabilities

Simple Machines Forum allows attackers to exploit this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication credentials and launch other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Remote: YES
Class: Improper Validation.

[HSC] Snitz Forums Multiple Vulnerabilities

Snitz Forums Default Database installation allows remote users to download the database which contains critical information. As a result, an attacker exploiting this vulnerability will be able to obtain detailed information. An attacker may leverage the XSS issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Remote: YES
Class: Improper; Installation configuration, XSS & Validation.

MySpace Scripts - Poll Creator JavaScript Injection Vulnerability

can post to profile or bulletin to all their friends. Everyone loves to create a 
poll and gather opinions and this isn't something that's available on every other 
MySpace resource site.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium 
Class: Input Validation Error

Invision Power Board D22-Shoutbox HTML Injections

underlying database implementation.




Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error

Remote: Yes

IPortalX Forums Cross-Site Scripting Vulnerability

IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
 


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error
Remote: Yes


GWExtranet Script Injections & Privilege Escalation Vulnerability

allow an attacker to compromise the application by defacing by evil code injection.




Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error in scp.dll

TimeTrex Time and Attendance Cookie Theft

attacker to obtain a copy of the cookie or perform other operations.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Cross Site Scripting
Remote: Yes


MegaBBS ASP Forum Cross-Site Scripting

MegaBBS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error
Remote: Yes


WordPress Multiple Cross-Site Scripting Vulnerabilities

 

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Hackers Center Security Group (http://www.hackerscenter.com)

Credit: DoZ
Class: Input Validation Error

Remote: Yes


InterWorx-CP Multiple HTML Injections Vulnerabilities

to have arbitrary script code execute in the context of the affected site. 
This may allow an attacker to steal cookie-based authentication credentials 
and to launch other attacks.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Remote: Yes
Local: Yes

SchoolCenter URL Handling Cross Site Scripting Vulnerability

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Cross Site Scripting
Remote: Yes
Risk: Medium

XEROX DocuShare URL XSS Injection Vulnerabilities

Xerox DocuShare is a flexible Web-based content management solution that brings greater productivity to every knowledge worker. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Cross Site Scripting
Remote: Yes


PHPSysInfo Index.php Cross Site Scripting

launch other attacks. A successful exploit could allow an attacker to compromise
the application, access or modify data, or exploit vulnerabilities in the
underlying database implementation.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Input Validation Error

Remote: Yes

LiveCart Multiple Cross-Site Scripting Vulnerabilities

An attacker may leverage this issue to have arbitrary script code execute in the browser
of an unsuspecting user in the context of the affected site. This may help the attacker
steal cookie-based authentication credentials and launch other attacks.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

DNewsWeb Softwares Cross Site Scripting Vulnerability

This may help the attacker steal cookie-based authentication credentials and launch 
other attacks.



Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

eGov Content Manager Cross Site Scripting Vulnerability

credentials and launch other attacks. A successful exploit could allow an attacker 
to compromise the application, access or modify data, or exploit vulnerabilities 
in the underlying database implementation. 


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

Smart-Shop Shopping Cart Cross-Site Scripting Vulnerability

An attacker may leverage this issue to have arbitrary script code
execute in the browser of an unsuspecting user in the context of the affected site.
This may help the attacker steal cookie-based authentication credentials and launch
other attacks.

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

Bitweaver XSS & SQL Injection Vulnerability

power are ideal for large-scale community websites and corporate applications,
but it is simple enough for non-technical small site users to set up and
administrate. It comes fully featured on install but is easy to extend.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: DoZ


Risk: Medium
Class: Cross-Site Scripting & SQL

[HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities

authentication credentials and launch other attacks. 




Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error

Re: TimeTrex Time and Attendance Cookie Theft

> 
> attacker to obtain a copy of the cookie or perform other operations.
> 
> 
> 
> Hackers Center Security Group (http://www.hackerscenter.com)
> Credit: Doz
> 
> Class: Cross Site Scripting
> Remote: Yes
> 

Omnistar Live Software Cross-Site Scripting Vulnerability

of an unsuspecting user in the context of the affected site. This may help the attacker 
steal cookie-based authentication credentials and launch
other attacks.


Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz


Risk: Medium
Class: Input Validation Error



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
