Eclipse BIRT 2.2.1 - 'run?__report' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36674/info Eclipse BIRT Business Intelligence and Reporting Tools is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attack...

OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting

source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...

Activedition - '/activedition/aelogin.asp' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42164/info Activedition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...

RSSMediaScript - index.php Cross-Site Scripting

RSSMediaScript - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/42421/info RSSMediaScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...

TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

SZNews 2.7 - printnews.php3 Remote File Inclusion

SZNews 2.7 - printnews.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/42974/info SZNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

Datemill - photo_view.php?return Cross-Site Scripting

Datemill - photoview.php?return Cross-Site Scripting source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...

KingCMS 0.6 - 'CONFIG[AdminPath]' Remote File Inclusion

source: https://www.securityfocus.com/bid/42924/info KingCMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in the...

Omnistar Recruiting - resume_register.php Cross-Site Scripting

Omnistar Recruiting - resumeregister.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43163/info Omnistar Recruiting is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

Webformatique Reservation Manager 2.4 - index.php Cross-Site Scripting

Webformatique Reservation Manager 2.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43003/info Webformatique Reservation Manager is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage thi...

Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/37149/info Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Beex - partneralle.php?navaction Cross-Site Scripting

Beex - partneralle.php?navaction Cross-Site Scripting source: https://www.securityfocus.com/bid/42451/info Beex is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...

Property Watch - email.php?videoid Cross-Site Scripting

Property Watch - email.php?videoid Cross-Site Scripting source: https://www.securityfocus.com/bid/42453/info Property Watch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

PHPMass Real Estate - view_map.php Cross-Site Scripting

PHPMass Real Estate - viewmap.php Cross-Site Scripting source: https://www.securityfocus.com/bid/42452/info PHPMass Real Estate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

LiveStreet 0.2 - includeajaxblogInfo.php?asd Cross-Site Scripting

LiveStreet 0.2 - includeajaxblogInfo.php?asd Cross-Site Scripting source: https://www.securityfocus.com/bid/42422/info LiveStreet is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverag...

LiveStreet 0.2 - '/include/ajax/blogInfo.php?asd' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42422/info LiveStreet is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the browser of an...

x10 MP3 Automatic Search Engine 1.6.5b - embed.php?name Cross-Site Scripting

x10 MP3 Automatic Search Engine 1.6.5b - embed.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/43336/info x10 Media Automatic MP3 Search Engine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker...

WebStatCaffe - statmostvisitpagechart.php?nopagesmost Cross-Site Scripting

WebStatCaffe - statmostvisitpagechart.php?nopagesmost Cross-Site Scripting source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...