Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
Grok Headline matches for Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
The Cross Site Scripting FAQ
The Cross Site Scripting FAQ
06/06/2002 06:01 AMWebsites today are more complex than ever, containing a lot of dynamic
content making the
experience for the user more enjoyable. Dynamic content is achieved
through the use of web
applications which can deliver different output to a user depending on
their settings and needs.
Dynamic websites have a threat that static websites don't, called
"Cross Site Scripting" (or XSS
dubbed by other security professionals). Currently small informational
tidbits about Cross Site
Scripting holes exist but none really explain them to an average
person or administrator. This
FAQ was written to provide a better understanding of this emerging
threat, and to give guidance
on detection and prevention.
"tri" Link thx to http://phpdeveloper.org/
"zeldman.b3"
Cross Site Scripting in VP-ASP
Cross Site Scripting in VP-ASP
12/05/2003 01:53 PMXnuxer Research Laboratory (Dec 05 2003)
Re: Mailman: cross-site scripting bug
Re: Mailman: cross-site scripting bug
01/01/2004 04:31 AMAxel Beckert - ecos gmbh (Jan 27 2003)
PHP Classifieds Cross-site Scripting
PHP Classifieds Cross-site Scripting
06/19/2002 08:56 AMCross-Site Scripting CuteNews
Cross-Site Scripting CuteNews
06/28/2004 01:06 PMDarkBicho (Jun 27 2004)
phpMyDirectory 10.1.3-rel Cross site
scripting
phpMyDirectory 10.1.3-rel Cross site
scripting
03/25/2005 03:01 PMmircia mircia (Mar 25 2005)
Re: Cross-Site Scripting (XSS) in
Php-Nuke 7.1.0
Re: Cross-Site Scripting (XSS) in
Php-Nuke 7.1.0
08/20/2004 06:34 AMAnthony Petito (Aug 18 2004)
php(Reactor) Cross-Site Scripting
php(Reactor) Cross-Site Scripting
06/10/2002 10:25 AMphp(Reactor) Cross-Site Scripting
php(Reactor) Cross-Site Scripting
06/10/2002 10:25 AMCross-Site Scripting (XSS) in Php-Nuke
7.1.0
Cross-Site Scripting (XSS) in Php-Nuke
7.1.0
08/17/2004 07:27 PMAbu Lafy (Aug 17 2004)
WoltLab BB Cross-Site Scripting
WoltLab BB Cross-Site Scripting
05/24/2002 11:27 AMPostCalendar Cross-Site Scripting
PostCalendar Cross-Site Scripting
05/24/2002 11:27 AMmcNews Cross-Site Scripting
mcNews Cross-Site Scripting
05/29/2002 02:26 PMphpBB Cross-Site Scripting
phpBB Cross-Site Scripting
06/03/2002 12:05 PMCross Site Scripting in Moodle < 1.3
Cross Site Scripting in Moodle < 1.3
04/30/2004 03:07 PMBartek Nowotarski (Apr 30 2004)
Cross-Site Scripting and PHP Babes
Cross-Site Scripting and PHP Babes
06/05/2002 07:44 AM[bWM#017] Cross-Site-Scripting @ PHPKIT
[bWM#017] Cross-Site-Scripting @ PHPKIT
11/06/2003 01:30 PMben moeckel (Nov 05 2003)
WebcamXP v1.06.945 Cross Site Scripting
Vulnerabillity
WebcamXP v1.06.945 Cross Site Scripting
Vulnerabillity
01/22/2004 02:58 AMRafel Ivgi, The-Insider (Jan 20 2004)
WebCT: Cross Site Scripting
Vulnerability
WebCT: Cross Site Scripting
Vulnerability
05/17/2004 01:39 PMspiffomatic 64 (May 16 2004)
Gallery v1.3.3 Cross Site Scripting
Vulnerabillity
Gallery v1.3.3 Cross Site Scripting
Vulnerabillity
12/30/2003 02:58 PMThe-Insider (Dec 30 2003)
Geeklog Web Portal Cross-Site Scripting
Geeklog Web Portal Cross-Site Scripting
06/13/2002 08:59 AMCross-site scripting vulnerability in
SARA v<=4.2.7
Cross-site scripting vulnerability in
SARA v<=4.2.7
12/17/2003 04:56 PMThomas M. Payerle (Dec 17 2003)
osCommerce SQL Injection && DoS && Cross
Site Scripting
osCommerce SQL Injection && DoS && Cross
Site Scripting
12/22/2003 05:21 PMJeiAr (Dec 22 2003)
DevShed: A Quick Look at Cross Site
Scripting
DevShed: A Quick Look at Cross Site
Scripting
01/04/2005 11:24 AMSomething that's becoming more and more of an issue with the web today
is a scary little thing called "cross-site scripting". It is an,
unfortunately, all too simple way for someone to figure out how to
bypass certain restrictions on your site. Fortunately,
DevShed has
a new article that covers this topic and provides some
helpful hints on how to protect you and your data.
Zaep AntiSpam Cross Site Scripting
Zaep AntiSpam Cross Site Scripting
04/19/2004 07:07 PMAviram Jenik (Apr 19 2004)
Re: Hotmail Cross Site Scripting
Vulnerability
Re: Hotmail Cross Site Scripting
Vulnerability
07/17/2004 01:07 PMGreyMagic Security (Jul 17 2004)
Hotmail Cross Site Scripting
Vulnerability
Hotmail Cross Site Scripting
Vulnerability
07/17/2004 08:20 AMPaul (Jul 15 2004)
Liferay Cross Site Scripting Flaw
Liferay Cross Site Scripting Flaw
05/22/2004 07:59 PMGiri, Sandeep (May 22 2004)
Cross Site Scripting Vulnerability in
Sympa
Cross Site Scripting Vulnerability in
Sympa
08/21/2004 06:57 PMJose Antonio (Aug 20 2004)
Cross-Site Scripting (XSS) in Nihuo Web
Log Analyzer
Cross-Site Scripting (XSS) in Nihuo Web
Log Analyzer
08/20/2004 11:38 PMAudun Larsen (Aug 20 2004)
Re: Cross-site scripting vulnerability
in SARA v<=4.2.7
Re: Cross-site scripting vulnerability
in SARA v<=4.2.7
12/18/2003 03:29 PMtoddr_at_arc.com (Dec 17 2003)
Kayako eSupport Cross Site Scripting
Kayako eSupport Cross Site Scripting
03/22/2005 05:13 PMGulfTech Security Research (Mar 22 2005)
Re: Gallery v1.3.3 Cross Site Scripting
Vulnerabillity
Re: Gallery v1.3.3 Cross Site Scripting
Vulnerabillity
12/30/2003 07:37 PMBharat Mediratta (Dec 30 2003)
NOCC Webmail Cross-Site Scripting
NOCC Webmail Cross-Site Scripting
05/24/2002 11:27 AMphpMyAdmin Cross-site Scripting
Vulnerability
phpMyAdmin Cross-site Scripting
Vulnerability
04/05/2005 01:35 AMOriol Torrent Santiago
Simple Yahoo! Mail Cross-Site Scripting
(GM#006-MC)
Simple Yahoo! Mail Cross-Site Scripting
(GM#006-MC)
06/03/2004 12:02 PMGreyMagic Software (Jun 03 2004)
[SNS Advisory No.73] Usermin Cross-site
Scripting Vulnerability
[SNS Advisory No.73] Usermin Cross-site
Scripting Vulnerability
06/21/2004 07:33 AMsnsadv (Jun 11 2004)
e107 web portal user.php XSS (Cross Site
Scripting)
e107 web portal user.php XSS (Cross Site
Scripting)
05/24/2004 12:35 PMChris Norton (May 22 2004)
IRM 008: Citrix Metaframe XP is
vulnerable to Cross Site Scripting
IRM 008: Citrix Metaframe XP is
vulnerable to Cross Site Scripting
10/31/2003 12:49 PMIRM Advisories (Oct 31 2003)
Grok Description matches for Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
GrokA matches for Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
DevShed: Regaining Control of Your
PHPNuke Site
DevShed: Regaining Control of Your
PHPNuke Site
05/19/2004 07:28 AMAnyone that's used the
PHPNuke
for the content management of their website might have heard about all
of the security holes occurring in some of the latest versions, and
you're a bit concerned. So, what happens if someone does use one of
those holes - how do you get back into control? Well,
this new DevShed article seeks to help you do
just that.
Webmail.us Releases Webmail Version 3.1,
Adding Dozens of New Features and System
Improvements
Webmail.us Releases Webmail Version 3.1,
Adding Dozens of New Features and System
Improvements
03/22/2005 04:55 PMLatest Version Provides New Security Features, Additional Web Browser
Support and Webmail Client User Interface Enhancements [PRWEB Mar 21,
2005]
[waraxe-2004-SA#026 - Multiple
vulnerabilities in Coppermine Photo
Gallery for PhpNuke]
[waraxe-2004-SA#026 - Multiple
vulnerabilities in Coppermine Photo
Gallery for PhpNuke]
05/03/2004 01:59 PMJanek Vind (May 02 2004)
[waraxe-2005-SA#041] - Critical Sql
Injection in PhpNuke 6.x-7.6 Top module
[waraxe-2005-SA#041] - Critical Sql
Injection in PhpNuke 6.x-7.6 Top module
04/06/2005 05:45 PMPosted by Janek Vind, Apr 06 2005
[waraxe-2004-SA#016 - Cross-Site
Scripting aka XSS in phpnuke 6.x-7.2
part 3]
[waraxe-2004-SA#016 - Cross-Site
Scripting aka XSS in phpnuke 6.x-7.2
part 3]
04/13/2004 12:43 AMJanek Vind (Apr 12 2004)
Re: [Squid 2004-Nuke-001] Inadequate
Security Checking in PHPNuke v7.3 and
earlier
Re: [Squid 2004-Nuke-001] Inadequate
Security Checking in PHPNuke v7.3 and
earlier
06/05/2004 01:15 PMRemy Wetzels (Jun 05 2004)
[Squid 2004-Nuke-001] Inadequate
Security Checking in PHPNuke v7.3 and
earlier
[Squid 2004-Nuke-001] Inadequate
Security Checking in PHPNuke v7.3 and
earlier
06/01/2004 03:27 PMSquid (Jun 01 2004)
RSS DB for PHPNuke
RSS DB for PHPNuke
07/08/2004 08:34 PMVersión 1.0 Alpha
Re: Possible bug in PHPNuke and other
CMS
Re: Possible bug in PHPNuke and other
CMS
06/01/2004 01:42 PMPeter Hagstrøm (Jun 01 2004)
Possible bug in PHPNuke and other CMS
Possible bug in PHPNuke and other CMS
05/31/2004 03:41 PMLuca Falavigna (May 30 2004)
PHPNuke Hybrid
PHPNuke Hybrid
07/14/2004 01:50 PMVacaciones
PHPnuke and E-Learning
PHPnuke and E-Learning
03/08/2004 11:22 PM
Submission by Claudio Erba
PHPNuke The most used CMS in the world has been integrated with
spaghettilearning. Now you can have School / University / Business /
Government portal integrated with Learning Management system
Spaghettilearning.
Every user can enter in both reserved areas with the same password
using a single database.
System works as a user syncronizer and use PHPNuke 6.9 + NSN Your
Account Modification + Spaghettileanring 1.1 Release candidate.
A special syncronizer for already existing installation has been
included. Read the README file before using it!.
DOWNLOAD IT FROM HERE
PHPNuke Francophone
PHPNuke Francophone
12/27/2004 05:31 PMphpSysInfo & PHPNuke
PHPNUKE FRANCE
PHPNUKE FRANCE
09/04/2004 06:26 AMPHPNUKE 7.3.1 FR
CPG for PHPnuke/Postnuke
CPG for PHPnuke/Postnuke
12/04/2003 07:12 PMThe most recent release (cpg1.2.0RC4) of the coppermine nuke team
features support for PHPnuke as well as Postnuke. Coppermine is an
easily set-up, fast, feature-rich photo gallery script with mySQL
database, user management, private galleries, automatic thumbnail
creation, ecard feature and a template system for easy customization
to match the rest of a site.
See http://coppermine.sourceforge.net/board/viewtopic.php?t=1980 for
dull details...
GauGau
Top Music Module for PHPNuke
Top Music Module for PHPNuke
07/03/2004 08:00 PMAuthor's web page
Re: [Full-Disclosure] Possible bug in
PHPNuke and other CMS
Re: [Full-Disclosure] Possible bug in
PHPNuke and other CMS
06/01/2004 03:27 PMSam Bashton (Jun 01 2004)
Directory Addon for PHPNuke
Directory Addon for PHPNuke
12/31/2003 06:09 PMError discovered in README-DIRECTORY
PhpNuke Portal for Canada
PhpNuke Portal for Canada
11/04/2003 07:09 PM
Submission by julie
Hello Nukers,
Now you can visit the first phpnuke Portal
For canada.
Security Alert: PHPNuke Strikes Again
Security Alert: PHPNuke Strikes Again
02/04/2003 08:40 AMInteractive Crossword Module for PHPNuke
Interactive Crossword Module for PHPNuke
06/29/2004 03:30 PMAuthor's web page
phpnuke 6.9 search module exploit.
phpnuke 6.9 search module exploit.
02/12/2004 06:15 PMpokley (Feb 11 2004)
[waraxe-2004-SA#030 - Multiple
vulnerabilities in PhpNuke 6.x - 7.3]
[waraxe-2004-SA#030 - Multiple
vulnerabilities in PhpNuke 6.x - 7.3]
05/17/2004 05:58 PMJanek Vind (May 17 2004)
[waraxe-2004-SA#027 - Once again -
critical vulnerabilities in PhpNuke 6.x
- 7.2]
[waraxe-2004-SA#027 - Once again -
critical vulnerabilities in PhpNuke 6.x
- 7.2]
05/05/2004 05:09 PMJanek Vind (May 05 2004)
Re: [SECURITYREASON.COM] PhpNuke 7.6=>x
Multiple vulnerabilities cXIb8O3.12
Re: [SECURITYREASON.COM] PhpNuke 7.6=>x
Multiple vulnerabilities cXIb8O3.12
04/12/2005 11:07 PMPosted by Paul Laudanski, Apr 08 2005
Vulnerabilidad en PHPNuke: Cómo
convertirse en Dios con un click
Vulnerabilidad en PHPNuke: Cómo
convertirse en Dios con un click
05/10/2004 11:34 AM[waraxe-2004-SA#029 - Possible remote
file inclusion in PhpNuke 6.x - 7.3]
[waraxe-2004-SA#029 - Possible remote
file inclusion in PhpNuke 6.x - 7.3]
05/17/2004 05:58 PMJanek Vind (May 17 2004)
[waraxe-2004-SA#032 - Multiple security
flaws in PhpNuke 6.x - 7.3]
[waraxe-2004-SA#032 - Multiple security
flaws in PhpNuke 6.x - 7.3]
06/13/2004 07:52 PMJanek Vind (Jun 11 2004)
[waraxe-2004-SA#028 - Multiple
vulnerabilities in NukeJokes module for
PhpNuke]
[waraxe-2004-SA#028 - Multiple
vulnerabilities in NukeJokes module for
PhpNuke]
05/08/2004 04:15 PMJanek Vind (May 08 2004)
Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch
