Advertisements

Omnistar Live "category_id" Cross-Site Scripting

Tuesday, 30 October 2007

Doz has reported a vulnerability in Omnistar Live, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "category_id" parameter in kb.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.


read more...

GS07-02 RSA Keon Multiple Cross-Site Scripting Vulnerabilities

Tuesday, 30 October 2007

Date & Version : 07/31/2007 - 1.1 Description : RSA KEON Registration Authority Web Interface has multiple Cross-Site Scripting Vulnerabilities. Request-spk.xuda and Add-msie-request.xuda components of RSA KEON are vulnerable to Cross-Site Scripting attacks. An attacker could use these vulnerabilities for manipulating the registration information, phishing and other client side attacks...


read more...

WebMod "auth.w" Cross-Site Scripting Vulnerability

Tuesday, 16 October 2007

Nemessis has reported a vulnerability in WebMod, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "redir" parameter in auth.w is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.


read more...

Joomla! "searchword" XSS Vulnerability

Saturday, 13 October 2007

MustLive has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.


read more...

phpMyAdmin "setup.php" XSS Vulnerability

Friday, 12 October 2007

Omer Singer has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.


read more...

Interspire ActiveKB NX "page" Cross-Site Scripting

Friday, 12 October 2007

durito has reported a vulnerability in ActiveKB NX, which can be exploited by malicious people to conduct cross-site scripting attacks.


read more...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 

 

45884 total xss
14724 special xss
3026 fixed
5112 xss onhold
2810 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.