AppServ Open Project <= 2.5.10 - 'appservlang' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29291/info AppServ Open Project is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Qto File Manager 1.0 index.php Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

Plunet BusinessManager 4.1 pagesUTF8/auftrag_allgemeinauftrag.jsp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

Atlassian JIRA 3.4.2 IssueNavigator.JSPA Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23244/info Atlassian JIRA is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Microsoft Office 2003 Embedded Shockwave Flash Object Security Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users. A successful attack...

Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

EsContacts 1.0 - login.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

PHPCart 3.1.2 'search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37567/info PHPCart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Starsgames Control Panel 4.6.2 - 'index.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29295/info Starsgames Control Panel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Tiny Portal 1.0 - 'shouts' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

XMB Forum 1.8 member.php member Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit any one of these...

TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30789/info TimeTrex is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Horde <= 3.3.5 Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37351/info Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...

PHP-Fusion 5.0 BBCode IMG Tag Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically generated content. An...

Datalife Engine CMS 7.2 'admin.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31335/info Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Benja CMS 0.1 /admin/admin_edit_topmenu.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/29884/info The 'benja CMS' program is prone to multiple vulnerabilities because it fails to adequately validate input and restrict access. These issues include three cross-site scripting issues, an arbitrary-file-upload...

InnovaPortal msg.jsp msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26084/info InnovaShop is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

phpFreeChat 1.1 'demo21_with_hardocded_urls.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30292/info phpFreeChat is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Spectrum Software WebManager CMS 'pojam' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38573/info Spectrum Software WebManager CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Eggblog 3.1 admin/users.php add Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21134/info Eggblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...