Updated 09_24_2014
This commit is contained in:
parent
20e5929d70
commit
2cc98e5da6
17 changed files with 140 additions and 0 deletions
16
files.csv
16
files.csv
|
@ -31262,3 +31262,19 @@ id,file,description,date,author,platform,type,port
|
|||
34721,platforms/php/webapps/34721.txt,"Livefyre LiveComments Plugin - Stored XSS",2014-09-20,"Brij Kishore Mishra",php,webapps,0
|
||||
34722,platforms/php/webapps/34722.txt,"ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities",2014-09-20,BillV-Lists,php,webapps,0
|
||||
34729,platforms/windows/dos/34729.py,"Seafile-server <= 3.1.5 - Remote DoS",2014-09-20,"nop nop",windows,dos,0
|
||||
34730,platforms/php/webapps/34730.txt,"DragDropCart assets/js/ddcart.php sid Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34731,platforms/php/webapps/34731.txt,"DragDropCart includes/ajax/getstate.php prefix Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34732,platforms/php/webapps/34732.txt,"DragDropCart index.php search Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34733,platforms/php/webapps/34733.txt,"DragDropCart search.php search Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34734,platforms/php/webapps/34734.txt,"DragDropCart login.php redirect Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34735,platforms/php/webapps/34735.txt,"DragDropCart productdetail.php product Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34736,platforms/php/webapps/34736.txt,"EZArticles 'articles.php' Cross Site Scripting Vulnerability",2009-08-20,Moudi,php,webapps,0
|
||||
34737,platforms/php/webapps/34737.txt,"EZodiak \'index.php\' Cross Site Scripting Vulnerability",2009-07-20,Moudi,php,webapps,0
|
||||
34738,platforms/php/webapps/34738.txt,"GejoSoft Image Hosting Community Cross Site Scripting Vulnerability",2009-07-20,Moudi,php,webapps,0
|
||||
34740,platforms/php/webapps/34740.txt,"MyWeight 1.0 user_addfood.php date Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34741,platforms/php/webapps/34741.txt,"MyWeight 1.0 user_forgot_pwd_form.php info Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34742,platforms/php/webapps/34742.txt,"MyWeight 1.0 user_login.php Multiple Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34743,platforms/php/webapps/34743.txt,"Proxy List Script 'index.php' Cross Site Scripting Vulnerability",2009-07-20,Moudi,php,webapps,0
|
||||
34744,platforms/php/webapps/34744.txt,"YourFreeWorld Ultra Classifieds listads.php Multiple Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34745,platforms/php/webapps/34745.txt,"YourFreeWorld Ultra Classifieds subclass.php cname Parameter XSS",2009-07-20,Moudi,php,webapps,0
|
||||
34746,platforms/php/webapps/34746.txt,"Web TV 'chn' Parameter Cross Site Scripting Vulnerability",2009-07-20,Moudi,php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
7
platforms/php/webapps/34730.txt
Executable file
7
platforms/php/webapps/34730.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/assets/js/ddcart.php?sid=1<script>alert(649442730777)</script>
|
7
platforms/php/webapps/34731.txt
Executable file
7
platforms/php/webapps/34731.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/includes/ajax/getstate.php?country=1&prefix=1>"><ScRiPt %0A%0D>alert(712244301211)%3B</ScRiPt>
|
7
platforms/php/webapps/34732.txt
Executable file
7
platforms/php/webapps/34732.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/index.php?page=1&search=1>"><ScRiPt %0A%0D>alert(312759321896)%3B</ScRiPt>
|
7
platforms/php/webapps/34733.txt
Executable file
7
platforms/php/webapps/34733.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/search.php?search=1<script>alert(308229169208)</script>
|
7
platforms/php/webapps/34734.txt
Executable file
7
platforms/php/webapps/34734.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/login.php?redirect=1>"><ScRiPt %0A%0D>alert(381490124289)%3B</ScRiPt>
|
7
platforms/php/webapps/34735.txt
Executable file
7
platforms/php/webapps/34735.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43478/info
|
||||
|
||||
DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
http://www.example.com/demo/productdetail.php?product=1>"><ScRiPt %0A%0D>alert(387540356725)%3B</ScRiPt>
|
7
platforms/php/webapps/34736.txt
Executable file
7
platforms/php/webapps/34736.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43483/info
|
||||
|
||||
EZArticles is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/ezarticles/articles_1/articles.php?id=6&title=1<script>alert(309558774901)</script>
|
7
platforms/php/webapps/34737.txt
Executable file
7
platforms/php/webapps/34737.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43485/info
|
||||
|
||||
EZodiak is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/ezarticles/ezodiak/index.php?sign=1>"><ScRiPt %0A%0D>alert(309408771751)%3B</ScRiPt>&date=20090717
|
7
platforms/php/webapps/34738.txt
Executable file
7
platforms/php/webapps/34738.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43486/info
|
||||
|
||||
GejoSoft Image Hosting Community is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/photos/tags/1<body+onload=alert(323052257059)>2009-07-20
|
9
platforms/php/webapps/34740.txt
Executable file
9
platforms/php/webapps/34740.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/43488/info
|
||||
|
||||
MyWeight is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
phplemon MyWeight 1.0 is vulnerable; others versions may be affected.
|
||||
|
||||
http://www.example.com/user_addfood.php?date=1>"><ScRiPt %0A%0D>alert(316624303488)%3B</ScRiPt>
|
9
platforms/php/webapps/34741.txt
Executable file
9
platforms/php/webapps/34741.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/43488/info
|
||||
|
||||
MyWeight is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
phplemon MyWeight 1.0 is vulnerable; others versions may be affected.
|
||||
|
||||
http://www.example.com/user_forgot_pwd_form.php?info=1<script>alert(394944650346)</script>
|
11
platforms/php/webapps/34742.txt
Executable file
11
platforms/php/webapps/34742.txt
Executable file
|
@ -0,0 +1,11 @@
|
|||
source: http://www.securityfocus.com/bid/43488/info
|
||||
|
||||
MyWeight is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
phplemon MyWeight 1.0 is vulnerable; others versions may be affected.
|
||||
|
||||
http://www.example.com/user_login.php?info=1<script>alert(311454197400)</script>
|
||||
http://www.example.com/user_login.php?info=7&return=1>\"><ScRiPt+%0A%0D>alert(390214587228)%3B<%2FScRiPt>
|
||||
|
7
platforms/php/webapps/34743.txt
Executable file
7
platforms/php/webapps/34743.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43489/info
|
||||
|
||||
Proxy List Script is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/proxysite/index.php?act=whois&ip=1>"><ScRiPt %0A%0D>alert(319788800356)%3B</ScRiPt>
|
9
platforms/php/webapps/34744.txt
Executable file
9
platforms/php/webapps/34744.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: www.securityfocus.com/bid/43490/info
|
||||
|
||||
Ultra Classifieds is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
Ultra Classifieds Pro is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/ultraclassifieds/listads.php?c=69&cn=apartments&sn=1>"><ScRiPt %0A%0D>alert(317944247288)%3B</ScRiPt>
|
9
platforms/php/webapps/34745.txt
Executable file
9
platforms/php/webapps/34745.txt
Executable file
|
@ -0,0 +1,9 @@
|
|||
source: www.securityfocus.com/bid/43490/info
|
||||
|
||||
Ultra Classifieds is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
Ultra Classifieds Pro is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/ultraclassifieds/subclass.php?c=18&cname=1<script>alert(308954043099)</script>
|
7
platforms/php/webapps/34746.txt
Executable file
7
platforms/php/webapps/34746.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/43494/info
|
||||
|
||||
Web TV is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/web_tv_v3/?chn=1<script>alert(308238444762)</script>
|
Loading…
Add table
Reference in a new issue