Free Reprintables ArticleFR Cross-Site Scripting Vulnerability

ArticleFR is an article directory and content catalog system. Multiple cross-site scripting vulnerabilities exist in Free Reprintables ArticleFR version 3.0.6, which stem from the dashboard/settings/categories/ URI not sufficiently filtering the 'name' parameter, the dashboard/settings/links/ URI...

WordPress plugin church_admin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. churchadmin is one of the address book, attendance tracking, group management plugin. A cross-site scripting...

CVE-2015-4127

Cross-site scripting XSS vulnerability in the churchadmin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/churchadmin-registration-form/...

CVE-2015-0522

Cross-site scripting XSS vulnerability in EMC RSA Certificate Manager RCM before 6.9 build 558 and RSA Registration Manager RRM before 6.9 build 558 allows remote attackers to inject arbitrary web script or HTML via vectors related to the email address parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in EMC RSA Certificate Manager RCM before 6.9 build 558 and RSA Registration Manager RRM before 6.9 build 558 allows remote attackers to inject arbitrary web script or HTML via vectors related to the email address parameter...

CVE-2015-0522

Cross-site scripting XSS vulnerability in EMC RSA Certificate Manager RCM before 6.9 build 558 and RSA Registration Manager RRM before 6.9 build 558 allows remote attackers to inject arbitrary web script or HTML via vectors related to the email address parameter...

CVE-2015-0522

EMC RSA Certificate Manager (RCM) and RSA Registration Manager (RRM) are affected by a stored cross-site scripting (XSS) vulnerability (CVE-2015-0522) in the email address parameter. Products affected: RCM and RRM prior to version 6.9 Build 558. An unauthenticated remote attacker could inject arb...

Drupal Global Redirect Module Open Redirect Feature Vulnerability

Drupal is an open source CMS that can be used as a content management platform for various websites. An open redirect functionality vulnerability exists in the Drupal Global Redirect module, which can be exploited to allow an attacker to redirect a user to an arbitrary website via a URL parameter...

u5CMS Open Redirect Vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. An open redirect vulnerability exists in u5CMS. A remote...

NYU OpenSSO Integration Redirection Vulnerability

NYU OpenSSO Integration is a system that integrates PDS and Sun OpenSSO identity management applications. A redirection vulnerability exists in NYU OpenSSO Integration 2.1 and earlier, which allows remote attackers to redirect a user to an arbitrary web site via a redirection in the url parameter...

CVE-2014-8751

Multiple cross-site scripting XSS vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the 1 searchparam parameter to search.php or 2 name, 3 address, or 4 comment parameter to forms.php...

Open Web Analytics 1.5.4 - (owa_email_address param) - SQL Injection Vulnerability

No description provided by source...

Redmine vulnerable to open redirect

Overview Redmine is a project management software. Redmine contains an open redirect vulnerability due to insufficient checking of the URL parameter. Minoru Sakai of SCSK Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

CVE-2011-5079

Open redirect vulnerability in the Modern FAQ irfaq extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 article-id parameter in conjunction with a /admin/news/article/list PATHINFO; the 3 keyword parameter in conjunction...

CVE-2010-1707

Multiple cross-site scripting XSS vulnerabilities in register.php in Piwigo 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 login and 2 mailaddress parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter...

CVE-2010-1371

Cross-site scripting XSS vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote attackers to inject arbitrary web script or HTML via the address parameter...

CVE-2009-2134

pivot/tb.php in Pivot 1.40.4 and 1.40.7 allows remote attackers to obtain sensitive information via an invalid url parameter, which reveals the installation path in an error message...