exploits , vulnerabilities , articles , Cerberus Helpdesk Spellwin.PHP Cross-Site Scripting Vulnerability

Title	Cerberus Helpdesk Spellwin.PHP Cross-Site Scripting Vulnerability
Published	2006-12-04-12:00AM
Updated	2006-12-04-09:54PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	En Douli is credited with the discovery of this vulnerability.
Vulnerable	Cerberus Helpdesk 3.3 Cerberus Helpdesk 3.2.1 Cerberus Helpdesk 2.7.1 Development Release Cerberus Helpdesk 2.7 Cerberus Helpdesk 2.6.1 Cerberus Helpdesk 2.5 Cerberus Helpdesk 2.4 Cerberus Helpdesk 2.3 Cerberus Helpdesk 2.2 Cerberus Helpdesk 2.1 Cerberus Helpdesk 2.0 Cerberus Helpdesk 0.97.3 Cerberus Helpdesk 3.2.Build 317
Not Vulnerable
Code	Attackers can exploit this issue by enticing an unsuspected victim into following a malicious URI. An example URI has been provided: http://www.example.com/includes/elements/spellcheck/spellwin.php?pspell_loaded=1&js=<http://www.example2.com/cerberus/includes/elements/spellchec k/spellwin.php?pspell_loaded=1&js=><script src=JS_FILE></script>
TXT

Vulnerabilities - newest 10 RSS | More

2009-01-09 MODx Prior to 0.9.6.3 Multiple Cross Site Scripting Vulnerabilities
2009-01-09 Check Point SecurePlatform Unspecified Remote Security Vulnerability
2009-01-09 Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
2009-01-09 NetGear WG102 SNMP Write Community String Information Disclosure Vulnerability
2009-01-09 Serv-U Remote Denial of Service Vulnerabilities
2009-01-09 QuoteBook Information Disclosure, SQL Injection and HTML Injection Vulnerabilities
2009-01-08 Oracle January 2009 Oracle Critical Patch Update Pre-Release Announcement Multiple Vulnerabilities
2009-01-08 Microsoft January 2009 Advance Notification Multiple Vulnerabilities
2009-01-08 IBM WebSphere DataPower XML Security Gateway XS40 Remote Denial Of Service Vulnerability
2009-01-08 Drupal Project Release Module Multiple Remote Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 10 Jan 2009 01:55:38 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.sexige wwwsexwome sexs vedo DEM wwwsex4000 clipe sexi xvideos.co victoria.h shaila nai Www.sex ir Www.xxxpow Student se 80008.cn mambots/co Www xxx wo mybb 1 Www video worlld,sex news for c Sex ger im Sexactres 2044 port news for c hOt sex vedio dragon fab www.sexhot nen thara SMF 1.1.3. Tamil actr monicabell Crack for news for c ArticleBea www.indias wwwvideopo NIPPLE SHO CMS is Fre vergas Chang mang mambo Remo guest book nenagh Video porn web deface girls Sexyvidiok o com cava Arab porno tony lane