|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : SecurityAlert | ||||
 SecurityAlert : 118 CVE : CVE-2005-3367 SecurityRisk : Low  (About) Remote Exploit : No Local Exploit : Yes Exploit Given : Yes Credit : sikikmail gmail com Published : 26.10.2005
Advisory Text : SparkleBlog is prone to HTMl injection attacks. It is possible for a malicious SparkleBlog user to inject hostile HTML script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of SparkleBlog. SparkleBlog does not adequately filter HTMl tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by SparkleBlog example: put <script>alert('test')</script> in the "name:" tag in http://localhost/journal.php?id=1 SparkleBlog home page: http://www.creamed-coconut.org/ Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |