XSS Files ≈ Packet Storm

XSS Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 08:02:53 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2175832811&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=XSS%20Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Ftags%2Fxss%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2175832811.1338192173.1338192173.1338192173.1%3B%2B__utmz%3D32867617.1338192173.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal http://packetstormsecurity.org/files/113061/azdgdatingmedium-xssxsrfexec.txt http://packetstormsecurity.org/files/113061/azdgdatingmedium-xssxsrfexec.txt http://packetstormsecurity.org/files/113061/AzDGDatingMedium-1.9.3-XSS-CSRF-SQL-Injection-Directory-Traversal.html Sun, 27 May 2012 18:48:31 GMT AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities. Secunia Security Advisory 49275 http://packetstormsecurity.org/files/113056/sa49275.txt http://packetstormsecurity.org/files/113056/sa49275.txt http://packetstormsecurity.org/files/113056/Secunia-Security-Advisory-49275.html Sat, 26 May 2012 07:07:15 GMT Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system. LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read http://packetstormsecurity.org/files/113037/CSA-12005.txt http://packetstormsecurity.org/files/113037/CSA-12005.txt http://packetstormsecurity.org/files/113037/LogAnalyzer-3.4.2-Cross-Site-Scripting-SQL-Injection-File-Read.html Fri, 25 May 2012 20:26:06 GMT LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities. Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion http://packetstormsecurity.org/files/113036/pligg121-lfixss.txt http://packetstormsecurity.org/files/113036/pligg121-lfixss.txt http://packetstormsecurity.org/files/113036/Pligg-CMS-1.2.1-Cross-Site-Scripting-Local-File-Inclusion.html Fri, 25 May 2012 20:24:38 GMT Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities. pragmaMx 1.12.1 Cross Site Scripting http://packetstormsecurity.org/files/113035/pragmamx1121-xss.txt http://packetstormsecurity.org/files/113035/pragmamx1121-xss.txt http://packetstormsecurity.org/files/113035/pragmaMx-1.12.1-Cross-Site-Scripting.html Fri, 25 May 2012 20:19:42 GMT pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability. Secunia Security Advisory 49271 http://packetstormsecurity.org/files/113028/sa49271.txt http://packetstormsecurity.org/files/113028/sa49271.txt http://packetstormsecurity.org/files/113028/Secunia-Security-Advisory-49271.html Fri, 25 May 2012 11:52:01 GMT Secunia Security Advisory - Tiago Natel de Moura has discovered multiple vulnerabilities in SocialEngine, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks. Social Engine 4.2.2 Cross Site Request Forgery / Cross Site Scripting http://packetstormsecurity.org/files/113015/socialengine-xssxsrf.txt http://packetstormsecurity.org/files/113015/socialengine-xssxsrf.txt http://packetstormsecurity.org/files/113015/Social-Engine-4.2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html Thu, 24 May 2012 15:27:22 GMT Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities. Drupal Taxonomy List 6.x Cross Site Scripting http://packetstormsecurity.org/files/112996/DRUPAL-SA-CONTRIB-2012-083.txt http://packetstormsecurity.org/files/112996/DRUPAL-SA-CONTRIB-2012-083.txt http://packetstormsecurity.org/files/112996/Drupal-Taxonomy-List-6.x-Cross-Site-Scripting.html Wed, 23 May 2012 18:22:22 GMT Drupal Taxonomy List third party module version 6.x suffers from a cross site scripting vulnerability. Drupal Search API 7.x Cross Site Scripting http://packetstormsecurity.org/files/113005/DRUPAL-SA-CONTRIB-2012-084.txt http://packetstormsecurity.org/files/113005/DRUPAL-SA-CONTRIB-2012-084.txt http://packetstormsecurity.org/files/113005/Drupal-Search-API-7.x-Cross-Site-Scripting.html Wed, 23 May 2012 13:55:33 GMT Drupal Search API third party module version 7.x suffers from a cross site scripting vulnerability. Secunia Security Advisory 49235 http://packetstormsecurity.org/files/112999/sa49235.txt http://packetstormsecurity.org/files/112999/sa49235.txt http://packetstormsecurity.org/files/112999/Secunia-Security-Advisory-49235.html Wed, 23 May 2012 06:39:53 GMT Secunia Security Advisory - Multiple vulnerabilities have been discovered in RuubikCMS, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 49280 http://packetstormsecurity.org/files/112985/sa49280.txt http://packetstormsecurity.org/files/112985/sa49280.txt http://packetstormsecurity.org/files/112985/Secunia-Security-Advisory-49280.html Wed, 23 May 2012 06:21:08 GMT Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in pragmaMx, which can be exploited by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 49259 http://packetstormsecurity.org/files/112984/sa49259.txt http://packetstormsecurity.org/files/112984/sa49259.txt http://packetstormsecurity.org/files/112984/Secunia-Security-Advisory-49259.html Wed, 23 May 2012 06:21:05 GMT Secunia Security Advisory - Multiple vulnerabilities have been reported in RT, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system. Secunia Security Advisory 49257 http://packetstormsecurity.org/files/112981/sa49257.txt http://packetstormsecurity.org/files/112981/sa49257.txt http://packetstormsecurity.org/files/112981/Secunia-Security-Advisory-49257.html Wed, 23 May 2012 06:20:57 GMT Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in Pligg CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 49242 http://packetstormsecurity.org/files/112978/sa49242.txt http://packetstormsecurity.org/files/112978/sa49242.txt http://packetstormsecurity.org/files/112978/Secunia-Security-Advisory-49242.html Wed, 23 May 2012 06:20:47 GMT Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in pragmaMx, which can be exploited by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 49223 http://packetstormsecurity.org/files/112974/sa49223.txt http://packetstormsecurity.org/files/112974/sa49223.txt http://packetstormsecurity.org/files/112974/Secunia-Security-Advisory-49223.html Wed, 23 May 2012 06:20:34 GMT Secunia Security Advisory - Codseq has discovered multiple vulnerabilities in Adiscon LogAnalyzer, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. RuubikCMS 1.1.0 Beta XSS / Disclosure / Directory Traversal http://packetstormsecurity.org/files/112969/ruubik111-xssdisclosetraversal.txt http://packetstormsecurity.org/files/112969/ruubik111-xssdisclosetraversal.txt http://packetstormsecurity.org/files/112969/RuubikCMS-1.1.0-Beta-XSS-Disclosure-Directory-Traversal.html Wed, 23 May 2012 02:50:41 GMT RuubikCMS version 1.1.0 Beta suffers from cross site scripting, information disclosure, and directory traversal vulnerabilities. Yandex.Server 2010 9.0 Enterprise Cross Site Scripting http://packetstormsecurity.org/files/112945/yandex-xss.txt http://packetstormsecurity.org/files/112945/yandex-xss.txt http://packetstormsecurity.org/files/112945/Yandex.Server-2010-9.0-Enterprise-Cross-Site-Scripting.html Tue, 22 May 2012 03:38:00 GMT Yandex.Server version 2010 9.0 Enterprise suffers from a cross site scripting vulnerability. phAlbum PHP Gallery Script Cross Site Scripting http://packetstormsecurity.org/files/112949/phalbumpgs-xss.txt http://packetstormsecurity.org/files/112949/phalbumpgs-xss.txt http://packetstormsecurity.org/files/112949/phAlbum-PHP-Gallery-Script-Cross-Site-Scripting.html Mon, 21 May 2012 11:10:11 GMT phAlbum PHP Gallery Script suffers from a cross site scripting vulnerability. Secunia Security Advisory 49129 http://packetstormsecurity.org/files/112897/sa49129.txt http://packetstormsecurity.org/files/112897/sa49129.txt http://packetstormsecurity.org/files/112897/Secunia-Security-Advisory-49129.html Mon, 21 May 2012 04:17:59 GMT Secunia Security Advisory - A security issue and two vulnerabilities have been reported in Elgg, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks. Secunia Security Advisory 46365 http://packetstormsecurity.org/files/112895/sa46365.txt http://packetstormsecurity.org/files/112895/sa46365.txt http://packetstormsecurity.org/files/112895/Secunia-Security-Advisory-46365.html Mon, 21 May 2012 04:17:53 GMT Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in the JCE component for Joomla!, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. Secunia Security Advisory 45431 http://packetstormsecurity.org/files/112892/sa45431.txt http://packetstormsecurity.org/files/112892/sa45431.txt http://packetstormsecurity.org/files/112892/Secunia-Security-Advisory-45431.html Mon, 21 May 2012 04:17:43 GMT Secunia Security Advisory - Multiple vulnerabilities have been reported in Pligg CMS, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks. Secunia Security Advisory 49233 http://packetstormsecurity.org/files/112889/sa49233.txt http://packetstormsecurity.org/files/112889/sa49233.txt http://packetstormsecurity.org/files/112889/Secunia-Security-Advisory-49233.html Mon, 21 May 2012 04:17:35 GMT Secunia Security Advisory - Multiple vulnerabilities have been reported in Moodle, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, conduct script insertion attacks, and conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. AZ Photo Album Script Cross Site Scripting http://packetstormsecurity.org/files/112944/azphotoalbum-xss.txt http://packetstormsecurity.org/files/112944/azphotoalbum-xss.txt http://packetstormsecurity.org/files/112944/AZ-Photo-Album-Script-Cross-Site-Scripting.html Sun, 20 May 2012 15:22:22 GMT AZ Photo Album Script suffers from a cross site scripting vulnerability. CHICCO SnoopyClub Cross Site Scripting / SQL Injection http://packetstormsecurity.org/files/112924/chiccosnoopyclub-sqlxss.txt http://packetstormsecurity.org/files/112924/chiccosnoopyclub-sqlxss.txt http://packetstormsecurity.org/files/112924/CHICCO-SnoopyClub-Cross-Site-Scripting-SQL-Injection.html Sun, 20 May 2012 15:22:11 GMT CHICCO SnoopyClub suffers from cross site scripting and remote SQL injection vulnerabilities. Vanilla FirstLastNames 1.3.2 Cross Site Scripting http://packetstormsecurity.org/files/112915/vanillafln-xss.txt http://packetstormsecurity.org/files/112915/vanillafln-xss.txt http://packetstormsecurity.org/files/112915/Vanilla-FirstLastNames-1.3.2-Cross-Site-Scripting.html Sat, 19 May 2012 18:22:22 GMT Vanilla FirstLastNames plugin version 1.3.2 suffers from a persistent cross site scripting vulnerability.