WordPress Register Plus Plugin Multiple Vulnerabilities

WordPress Register Plus Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Drupal Embedded Media Field Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Details of this disclosure are also available at http://www.madirish.net/?article=472 Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in PHP and MySQL. The Drupal...

jSchool Advanced Cross Site Scripting

TITLE: jSchool Advanced "action" Cross-Site Scripting PRODUCT: jSchool Advanced PRODUCT URL: http://jogjacamp.com/script4jSchoolAdvanced.html RESEARCHERS: underground-stockholm.com RESEARCHERS URL: http://underground-stockholm.com/ BUG: Input passed via the "action" parameter to index.php is not...

Script Insertion Vulnerability in Textpattern CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Textpattern CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Textpattern CMS An input sanitation error exists in the comment field. A remote attacker can insert arbitrary...

Multiple Vulnerabilities in eoCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eoCMS which could be exploited to perform script insertion and SQL injection attacks, gain access to sensitive information and compromise vulnerable system. 1 Script insertion vulnerability in eoCMS An input...

Cross-site Scripting (XSS) Vulnerability in NinkoBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in NinkoBB which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in NinkoBB: CVE-2010-4874 The vulnerability exists due to input sanitation error in parameters...

Joomla JS Calendar 1.5.1 SQL Injection / Cross Site Scripting

JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities Name JS Calendar Vendor http://www.joomlaseller.com Versions Affected 1.5.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-09 X. INDEX I. ABOUT T...

TikiWiki 'tiki-edit_wiki_section.php' type Parameter XSS

The installed version of TikiWiki fails to sanitize user-supplied input to the 'type' parameter in the 'tiki-editwikisection.php' script before using it to generate dynamic HTML content. An unauthenticated, remote attacker may be able to leverage this issue to inject arbitrary HTML or script code...

Micro CMS v1.0 b1 Persistent XSS Vulnerability

Exploit for php platform in category web applications ============================================== Micro CMS v1.0 b1 Persistent XSS Vulnerability ============================================== Class: Persistent Cross-Site Scripting Severity: High Overview: --------- Micro CMS is prone to...

Cross-site Scripting (XSS) Vulnerabilities in Expression CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Expression CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Expression CMS 1.1 The vulnerability exists due to input sanitation error in the...

Mailman -- cross-site scripting in web interface

Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary...

phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities

This host is installed with phpCAS and is prone to session hijacking and cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbphpcassessionhijacknxssvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities Authors: Madhuri...

phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities

phpCAS is prone to session hijacking and cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-site Request Forgery (CSRF) Vulnerabilities in Amiro.CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amiro.CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Amiro.CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

Script Insertion Vulnerabilities in ArtGK CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ArtGK CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in ArtGK CMS 1.1 Input passed to the "content" parameter in cms/classes/CForm.php is not properly sanitiz...

Sun Java System Portal Server Multiple Cross Site Scripting Vulnerabilities

This host is running Sun Java System Portal Server and is prone to multiple unspecified Cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasystemportalserverxssvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Sun Java System Portal Server Multiple Cross Site Scripting...

osCSS 'page' Parameter Cross Site Scripting Vulnerability

The host is running osCSS and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodoscssxssvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ osCSS 'page' Parameter Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

Cross-site Scripting (XSS) Vulnerability in Edit-X CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Edit-X CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Edit-X CMS The vulnerability exists due to input sanitation error in the "searchtext" parameter in...

Mako 'cgi.escape()' Cross-Site Scripting Vulnerability

Mako is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2479

Cross-site scripting XSS vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...