Grayscale BandSite CMS 1.1 links_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...

Indexu 5.0/5.3 power_search.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28034/info Juniper Networks Secure Access 2000 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the...

Simple PHP Gallery 1.1 System SP_Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21278/info Simple PHP Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

Conkurent PHPMyCart 1.3 Cross Site Scripting and Authentication Bypass Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37553/info Conkurent PHPMyCart is prone to a cross-site scripting vulnerability and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the affected application and...

FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the...

CruxCMS 3.0 'search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27588/info CruxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

AIOCP 1.3.x cp_show_ec_products.php Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

PHP <= 5.3.1 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38182/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions. This vulnerability would be an issue in shared-hosting...

SocketKB 1.1.5 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26136/info SocketKB is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29368/info miniCWB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser...

phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29338/info phpSQLiteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

phpMyAdmin <= 3.3.0 'db' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35531/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

DCForum 1-6 DCBoard Script Page Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15885/info DCForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

contentserver 5.6.2929 errors/transaction.asp msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

Nortel Networks SRG V16 modules.php module Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...

ownCloud Multiple Cross-Site Scripting & Directory Traversal Vulnerabilities

ownCloud is prone to session fixation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection

PrestaShop - getSimilarManufacturer.php?idmanufacturer SQL Injection source: https://www.securityfocus.com/bid/67249/info PrestaShop is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...