Web App Vulnerabilities

1. Introduction FTP Credentials Disclosure is a vulnerability where FTP configuration files on a web server are publicly accessible. These...

1. Introduction FtpLocate is a web search engine for FTP sites written in Perl that contains a vulnerability allowing arbitrary...

1. Introduction The Fusebox index.cfm fuseaction Parameter XSS vulnerability allows an attacker to inject malicious scripts into web pages viewed...

1. Introduction The FuseTalk categories.aspx FTVAR_SORTORDER Parameter XSS vulnerability allows an attacker to inject malicious script into a web page...

1. Introduction FuseTalk Detection identifies instances of the FuseTalk discussion forum software running on a web server. This software, used...

1. Introduction The FuseTalk Forum img src Tag XSS vulnerability allows an attacker to inject malicious scripts into a web...

1. Introduction FuseTalk is vulnerable to a SQL injection attack via the index.cfm script’s txForumID parameter. This means an attacker...

1. Introduction FuseTalk Multiple Script XSS is a vulnerability affecting the FuseTalk discussion forum software, implemented in ColdFusion. It allows...

1. Introduction The FuseTalk usersearchresults.cfm keyword Parameter XSS vulnerability allows an attacker to inject malicious scripts into a web page...

1. Introduction The remote web server contains a photo album application written in PHP, known as Gallery Detection. This is...