STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard

Grok Headline matches for STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard

Vulns: TurboTrafficTrader C Multiple
Cross-Site Scripting and HTML Injection
Vulnerabilities

Vulns: TurboTrafficTrader C Multiple
Cross-Site Scripting and HTML Injection
Vulnerabilities 05/20/2004 05:40 PM
SecurityFocus May 20 2004 8:47PM GMT

OpenCA Security Advisory: Cross Site
Scripting vulnerability

OpenCA Security Advisory: Cross Site
Scripting vulnerability 09/06/2004 12:18 PM
Martin Bartosch (Sep 06 2004)

osCommerce SQL Injection && DoS && Cross
Site Scripting

osCommerce SQL Injection && DoS && Cross
Site Scripting 12/22/2003 05:21 PM
JeiAr (Dec 22 2003)

[SNS Advisory No.73] Usermin Cross-site
Scripting Vulnerability

[SNS Advisory No.73] Usermin Cross-site
Scripting Vulnerability 06/21/2004 07:33 AM
snsadv (Jun 11 2004)

Multiple Cross Site Scripting
Vulnerabilities in eGroupWare

Multiple Cross Site Scripting
Vulnerabilities in eGroupWare 08/23/2004 12:19 PM
Joxean Koret (Aug 21 2004)

Cross Site Scripting Vulnerabilities and
Possible Code Execution in SugarCRM

Cross Site Scripting Vulnerabilities and
Possible Code Execution in SugarCRM 01/01/2005 08:48 PM
Joxean Koret (Jan 01 2005)

PhpBB HTTP Response Splitting & Cross
Site Scripting vulnerabilities

PhpBB HTTP Response Splitting & Cross
Site Scripting vulnerabilities 07/20/2004 01:04 PM
Ory Segal (Jul 19 2004)

KDE Security Advisory: Konqueror
Cross-Domain Cookie Injection

KDE Security Advisory: Konqueror
Cross-Domain Cookie Injection 08/23/2004 12:19 PM
Waldo Bastian (Aug 23 2004)

[SM-ANNOUNCE] Patch fixes SquirrelMail
cross site scripting vulnerabilities
[CAN-2005-1769]

[SM-ANNOUNCE] Patch fixes SquirrelMail
cross site scripting vulnerabilities
[CAN-2005-1769] 06/17/2005 04:53 PM
Posted by Jonathan Angliss, Thursday, 16 June

MDKSA-2004:013 - Updated mailman
packages close various cross-site
scripting vulnerabilities.

MDKSA-2004:013 - Updated mailman
packages close various cross-site
scripting vulnerabilities. 02/13/2004 07:47 PM
Mandrake Linux Security Team (Feb 13 2004)

[AppSecInc Team SHATTER Security
Advisory] Multiple SQL Injection
vulnerabilities in DBMS_METADATA package

[AppSecInc Team SHATTER Security
Advisory] Multiple SQL Injection
vulnerabilities in DBMS_METADATA package 04/18/2005 06:59 PM
Posted by Team SHATTER, Apr 18 2005

[AppSecInc Team SHATTER Security
Advisory] Multiple SQL Injection
vulnerabilities in DBMS_CDC_SUBSCRIBE
and DBMS_CDC_ISUBSCRIBE packages

[AppSecInc Team SHATTER Security
Advisory] Multiple SQL Injection
vulnerabilities in DBMS_CDC_SUBSCRIBE
and DBMS_CDC_ISUBSCRIBE packages 04/18/2005 06:59 PM
Posted by Team SHATTER, Apr 18 2005

[SECURITY] [DSA 533-1] New courier
packages fix cross-site scripting
vulnerability

[SECURITY] [DSA 533-1] New courier
packages fix cross-site scripting
vulnerability 07/23/2004 12:51 PM
Matt Zimmerman (Jul 22 2004)

[SECURITY] [DSA 627-1] New namazu2
packages fix cross-site scripting
vulnerability

[SECURITY] [DSA 627-1] New namazu2
packages fix cross-site scripting
vulnerability 01/06/2005 03:07 PM
Martin Schulze (Jan 06 2005)

[SECURITY] [DSA 700-1] New mailreader
packages fix cross-site scripting
vulnerability

[SECURITY] [DSA 700-1] New mailreader
packages fix cross-site scripting
vulnerability 03/30/2005 05:16 PM
Martin Schulze (Mar 30 2005)

ZH2004-07SA (security advisory):
Multiple Sql injection vulnerabilities
in Online Store Kit 3.0 Products (Lite -
Standard and Pro)

ZH2004-07SA (security advisory):
Multiple Sql injection vulnerabilities
in Online Store Kit 3.0 Products (Lite -
Standard and Pro) 02/18/2004 12:11 PM
ZetaLabs (Feb 17 2004)

@(#)Mordred Security Labs - RSA
ClearTrust Cross Site Scripting issues

@(#)Mordred Security Labs - RSA
ClearTrust Cross Site Scripting issues 03/15/2003 03:51 PM
sir.mordred_at_hushmail.com (Mar 14 2003)

Trusted Site Cross Site Scripting
Elevation of Privilege in Musicmatch

Trusted Site Cross Site Scripting
Elevation of Privilege in Musicmatch 04/14/2005 10:14 PM
Posted by Hyperdose Security, Apr 14 2005

The Cross Site Scripting FAQ

The Cross Site Scripting FAQ 06/06/2002 06:01 AM
Websites today are more complex than ever, containing a lot of dynamic content making the experience for the user more enjoyable. Dynamic content is achieved through the use of web applications which can deliver different output to a user depending on their settings and needs.

Dynamic websites have a threat that static websites don't, called "Cross Site Scripting" (or XSS dubbed by other security professionals). Currently small informational tidbits about Cross Site Scripting holes exist but none really explain them to an average person or administrator. This FAQ was written to provide a better understanding of this emerging threat, and to give guidance on detection and prevention.

"tri" Link thx to http://phpdeveloper.org/

"zeldman.b3"

Cross Site Scripting in VP-ASP

Cross Site Scripting in VP-ASP 12/05/2003 01:53 PM
Xnuxer Research Laboratory (Dec 05 2003)

Cross Site Scripting in Moodle < 1.3

Cross Site Scripting in Moodle < 1.3 04/30/2004 03:07 PM
Bartek Nowotarski (Apr 30 2004)

Cross-Site Scripting CuteNews

Cross-Site Scripting CuteNews 06/28/2004 01:06 PM
DarkBicho (Jun 27 2004)

Re: Cross-Site Scripting (XSS) in
Php-Nuke 7.1.0

Re: Cross-Site Scripting (XSS) in
Php-Nuke 7.1.0 08/20/2004 06:34 AM
Anthony Petito (Aug 18 2004)

PostCalendar Cross-Site Scripting

PostCalendar Cross-Site Scripting 05/24/2002 11:27 AM

WoltLab BB Cross-Site Scripting

WoltLab BB Cross-Site Scripting 05/24/2002 11:27 AM

phpMyDirectory 10.1.3-rel Cross site
scripting

phpMyDirectory 10.1.3-rel Cross site
scripting 03/25/2005 03:01 PM
mircia mircia (Mar 25 2005)

Re: Mailman: cross-site scripting bug

Re: Mailman: cross-site scripting bug 01/01/2004 04:31 AM
Axel Beckert - ecos gmbh (Jan 27 2003)

mcNews Cross-Site Scripting

mcNews Cross-Site Scripting 05/29/2002 02:26 PM

php(Reactor) Cross-Site Scripting

php(Reactor) Cross-Site Scripting 06/10/2002 10:25 AM

PHP Classifieds Cross-site Scripting

PHP Classifieds Cross-site Scripting 06/19/2002 08:56 AM

[bWM#017] Cross-Site-Scripting @ PHPKIT

[bWM#017] Cross-Site-Scripting @ PHPKIT 11/06/2003 01:30 PM
ben moeckel (Nov 05 2003)

phpBB Cross-Site Scripting

phpBB Cross-Site Scripting 06/03/2002 12:05 PM

php(Reactor) Cross-Site Scripting

php(Reactor) Cross-Site Scripting 06/10/2002 10:25 AM

Cross-Site Scripting (XSS) in Php-Nuke
7.1.0

Cross-Site Scripting (XSS) in Php-Nuke
7.1.0 08/17/2004 07:27 PM
Abu Lafy (Aug 17 2004)

Cross-Site Scripting and PHP Babes

Cross-Site Scripting and PHP Babes 06/05/2002 07:44 AM

Cross-site scripting vulnerability in
SARA v<=4.2.7

Cross-site scripting vulnerability in
SARA v<=4.2.7 12/17/2003 04:56 PM
Thomas M. Payerle (Dec 17 2003)

Kayako eSupport Cross Site Scripting

Kayako eSupport Cross Site Scripting 03/22/2005 05:13 PM
GulfTech Security Research (Mar 22 2005)

Cross-Site Scripting (XSS) in Nihuo Web
Log Analyzer

Cross-Site Scripting (XSS) in Nihuo Web
Log Analyzer 08/20/2004 11:38 PM
Audun Larsen (Aug 20 2004)

WebcamXP v1.06.945 Cross Site Scripting
Vulnerabillity

WebcamXP v1.06.945 Cross Site Scripting
Vulnerabillity 01/22/2004 02:58 AM
Rafel Ivgi, The-Insider (Jan 20 2004)
Grok Description matches for STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard
GrokA matches for STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard

STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard

The following phrases have been identified by the grok system as matching this entry: