PHP-Nuke 6.x/7.x Your_Account Module Avatarcategory Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13010/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...

A+ PHP Scripts News Management System 0.3 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-include issues, and a cross-site scripting issue. An...

GeeCarts - show.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...

Dreamcost HostAdmin 3.1 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in t...

AderSoftware CFBB 1.1 Index.CFM Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14440/info CFBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...

Drupal 4.0 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...

Openfire <= 3.6.2 'group-summary.jsp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32937/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...

EveryAuction 1.53 Auction.PL Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an...

EziScript Google Page Rank 1.1 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38266/info EziScript Google Page Rank is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...

PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

PortWise SSL VPN 4.6 'reloadFrame' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38308/info PortWise SSL VPN is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-uplo...

Joomla MS Comment Component 0.8.0b Security Bypass and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38250/info The MS Comment component for Joomla! is prone to a security-bypass vulnerability because it fails to properly sanitize user-supplied input. The component is also prone to a security-bypass vulnerability because...

WordPress <= 2.5.1 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30238/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

MyBulletinBoard 1.x UserCP.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19193/info MyBulletinBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the brows...

Joomla! ProofReader 1.0 RC9 Component Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37145/info The Joomla! ProofReader component is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

evalSMSI 2.1.3 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38116/info evalSMSI is prone to multiple vulnerabilities, including an authentication-bypass issue, an SQL-Injection issue, and an HTML-Injection issue. Attackers can exploit these issues to gain administrative access to...

Zeeways ZeeJobsite 'basic_search_result.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37290/info ZeeJobsite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

BookReview 1.0 add_classification.htm isbn Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Opial AV Download Management 1.0 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20174/info Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to have arbitrary...