Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

Cross-site Scripting (XSS) Vulnerabilities in synType CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in synType CMS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in synType CMS The vulnerability exists due to input sanitation error in...

Cross-site Scripting (XSS) Vulnerabilities in FlatNux CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in FlatNux CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in FlatNux CMS 1.1 The vulnerability exists due to input sanitation error in the "body"...

Damianov.net Shoutbox 1.0 Cross Site Scripting

Exploit Title: damianov.net Shoutbox XSS Vulnerability Date: 13.05.2010 Author: Valentin Category: webapps/0day Version: 1.0 Tested on: Debian, Apache2, PHP5 CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title =...

osCommerce 3.0a5 - Local File Inclusion HTML Injection

osCommerce 3.0a5 - Local File Inclusion HTML Injection source: https://www.securityfocus.com/bid/39820/info osCommerce is prone to a local file-include vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local...

Cross-site Scripting Vulnerability in Acuity CMS

High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Acuity CMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in Acuity CMS Input sanitation error was found in the "page" parameter in /admin/pages/addpage.asp. A...

Mort Bay Jetty 6.x <= 6.1.21 Multiple XSS Vulnerabilities - Active Check

Mort Bay Jetty is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SQL-Ledger Multiple Vulnerabilities

This host is running SQL-Ledger and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodsqlledgermultvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ SQL-Ledger Multiple Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009 SecPod, http://www.secpod.com This program i...

Clixint DPI Image Hosting Script Cross Site Scripting Vulnerability

This host is running Flashlight Free Edition and is prone to Cross Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gbimagehostingscriptdpixssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Clixint DPI Image Hosting Script Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyrigh...

moziloCMS Multiple Cross Site Scripting Vulnerabilities

The host is running moziloCMS and is prone to Multiple Cross Site Scripting Vulnerabilities OpenVAS Vulnerability Test $Id: gbmoziloCMSmultxssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ moziloCMS Multiple Cross Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009...

Opera Information Disclosure and Unspecified Vulnerabilities - (Linux)

The host is installed with Opera Web Browser and is prone to Information Disclosure and other unspecified vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperainfodiscunspecifiedvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Information Disclosure and Unspecified Vulnerabilities -...

phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability

This host is installed with phpMyFAQ and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodphpmyfaqgetxssvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

Shibboleth Service Provider Multiple XSS Vulnerabilities (Windows)

The host has Shibboleth Service Provider installed and is prone to multiple Cross-Site Scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbshibbolethspmultxssvulnwin.nasl 4869 2016-12-29 11:01:45Z teissa $ Shibboleth Service Provider Multiple XSS Vulnerabilities Windows Authors: Sharath ...

Oracle Application Server Portal Cross Site Scripting

Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. Oracle's Single Sign-On Server SSO was part of Oracle Application Server till version...

Fedora Core 10 FEDORA-2009-9799 (rubygem-activesupport)

The remote host is missing an update to rubygem-activesupport announced via advisory FEDORA-2009-9799. OpenVAS Vulnerability Test $Id: fcore20099799.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-9799 rubygem-activesupport Authors: Thomas Reinke...

Cross site scripting

Cross-site scripting XSS vulnerability in merchandise.php in BandSite CMS 1.1.4 allows remote attackers to inject arbitrary HTML or web script via the type parameter...

CVE-2008-7060

Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...

CVE-2008-7060

CVE-2008-7060 concerns One-News Beta 2 and involves multiple cross-site scripting (XSS) vulnerabilities. The XSS can be triggered via the title or content fields of a news item (add.php) and via itemnum, author, or comment fields of a comment (index.php). Vectors 1 and 2 require user authenticati...

Sun Java Web Console Multiple XSS Vulnerabilities

The host is running Java Web Console and is prone to Multiple Cross-Site Scripting Vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavawebconsolexssvuln.nasl 4892 2016-12-30 15:39:07Z teissa $ Sun Java Web Console Multiple XSS Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009...

Pivot Cross Site Scripting Vulnerability

This host is installed with Pivot and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodpivotxssvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ Pivot Cross Site Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod, http://www.secpod.com Th...