SkaDate Lite 2.0 CSRF / Cross Site Scripting

SkaDate Lite 2.0 Mu...

WordPress ActiveHelper LiveHelp Live Chat Plugin Cross Site Scripting Vulnerability

WordPress ActiveHelper LiveHelp Live Chat Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

html...

Omeka 2.2 - CSRF And Stored XSS Vulnerability

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities. !-- Omeka 2.2 CSRF And Stored XSS Vulnerability Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2 Summary: Omeka is a free, flexible, and open source...

WordPress Game-Tabs plugin 'n' Parameter Cross Site Scripting Vulnerability

WordPress Game-Tabs Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Code-Crafters Ability Mail Server 1.18 errormsg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10695/info Ability Mail Server is reported prone to multiple vulnerabilities that may allow a remote attacker to carry out cross-site scripting and denial of service attacks. The server is prone to a cross-site scripting...

Helios Calendar 1.1/1.2 Admin/Index.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26312/info Helios Calendar is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in ...

Macromedia Sitespring 1.2 Default Error Page Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5249/info Macromedia Sitespring is a J2EE-compliant product for managing website production. The Macromedia Sitespring server runs on Microsoft Windows operating systems. A cross-site scripting issue has been reported in...

Seyeon Technology FlexWATCH Server 2.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9739/info It has been reported that FlexWATCH may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. These issues have been...

TIPS MailPost 5.1.1 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and scri...

vBulletin 2.2.7/2.2.8 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6337/info Problems with vBulletin could make it possible for an attacker to inject arbitrary HTML in vBulletin forum messages. vBulletin does not sufficiently filter potentially malicious HTML code from posted messages. A...

SSGBook 1.0 Image Tag HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/5915/info SSGbook includes codes for allowing users to specify HTML formatting and layout inside of guestbook entries. For example, a user can include an image by including it inside of image or img tags. However, arbitra...

Hummingbird Collaboration Application Cookie Internal Network Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and...

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

Honey Soft Web Solution Multiple Vulnerabilities

No description provided by source. ----------------------------------------------------------------------------------------- Honey Soft detail.php?proddetail= & products.php?catid= SQL-i/XSS Multiple Vulnerabilities...

GNU Mailman 2.0.x Admin Login Variant Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5299/info GNU Mailman is prone to a cross-site scripting vulnerability. An attacker may construct a malicious link to the administrative login page, which contains arbitrary HTML and script code. A user visiting the link...

Five Star Review Script 0 index2.php sort Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML a...

phpldapadmin 0.9.8 copy_form.php dn Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...

Computer Associates SiteMinder Web Agent Smpwservices.FCC Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26375/info Computer Associates SiteMinder Web Agent is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrar...

docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities

No description provided by source. !-- docuFORM Mercury WebApp 6.16a/5.20 Multiple Cross-Site Scripting Vulnerabilities Vendor: docuFORM GmbH Product web page: http://www.docuform.de Affected version: 6.16a and 5.20 Summary: Unlimited options for production printing and customer solutions. Desc:...