phpMyChat 0.14.6 start_page.css.php medium Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code...

Active Calendar 1.2 data/flatevents.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Mega File Hosting Script 1.2 'emaillinks.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36413/info Mega File Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Homes 4 Sale 'results.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30517/info Homes 4 Sale is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Openfire <= 3.6.2 'group-summary.jsp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32937/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...

vBulletin 4.0.2 Search Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

MyBulletinBoard 1.x UserCP.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19193/info MyBulletinBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the brows...

SamTodo 1.1 - 'tid' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

ViArt Shop 3.5 manuals_search.php manuals_search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33043/info ViArt Shop is prone to multiple remote vulnerabilities: - Multiple cross-site scripting vulnerabilities - An information-disclosure vulnerability - An authentication-bypass vulnerability An attacker can exploit...

Docebo CMS 3.0.x index.php searchkey Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22719/info Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

Drupal 4.0 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...

Invision Power Board 3.0 Multiple HTML-Injection and Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

OpenNMS 1.5.x notification/list.jsp username Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser...

PHP 4.x Transparent Session ID Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by...

XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...

Openfire <= 3.6.2 'user-properties.jsp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32938/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...

Coppermine Photo Gallery <= 1.4.21 'css' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34782/info Coppermine Photo Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Liferay Enterprise Portal 4.3.6 User-Agent HTTP Header Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27547/info Liferay Enterprise Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Joomla! 'com_marketplace' Component 1.2 'catid' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37819/info The Joomla! 'commarketplace' component is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

AShop Deluxe 4.5 shipping.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues ...