7610 matches found
SWFupload - movieName Cross-Site Scripting
SWFupload - movieName Cross-Site Scripting source: https://www.securityfocus.com/bid/54245/info SWFUpload is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54235/info TEMENOS T24 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54235/info TEMENOS T24 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Oracle iPlanet Web Server 7.0.x < 7.0.15 Multiple Vulnerabilities
According to its self-reported version, the Oracle iPlanet Web Server formerly Sun Java System Web Server running on the remote host is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting vulnerabilities exist due to parameter...
Schoolhos CMS - HTML Injection
Schoolhos CMS - HTML Injection source: https://www.securityfocus.com/bid/54204/info Schoolhos CMS is prone to an arbitrary file-upload vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could exploit these issues to...
Opera Web Browser 11.65之前版本多个漏洞
BUGTRAQ ID: 54011 Opera为来自挪威的一个浏览器。 Opera Web Browser 11.65之前版本在实现上存在多个漏洞,攻击者可利用这些漏洞执行任意脚本代码,泄露敏感信息或欺骗可信站点的原始URL,进行网络钓鱼攻击。 0 Opera Software Opera Web Browser 9.x Opera Software Opera Web Browser 11.x Opera Software Opera Web Browser 10.x 厂商补丁: Opera Software --------------...
FCKEditor Core - Editor spellchecker.php Cross-Site Scripting
FCKEditor Core - Editor spellchecker.php Cross-Site Scripting source: https://www.securityfocus.com/bid/54188/info FCKEditor is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...
MS12-040: Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (MSSQL check)
Binary data ms12-040mssql.nbin...
Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting
Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/54117/info Adiscan LogAnalyzer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...
Commentics - index.php Cross-Site Scripting
Commentics - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/54111/info Commentics is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WEB PATIO vulnerable to cross-site scripting
Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated wi...
AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/54097/info AdaptCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
MediaWiki 1.x - uselang Cross-Site Scripting
MediaWiki 1.x - uselang Cross-Site Scripting source: https://www.securityfocus.com/bid/53998/info MediaWiki is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
MediaWiki 1.x - 'uselang' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53998/info MediaWiki is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
vBSEO - u Cross-Site Scripting
vBSEO - u Cross-Site Scripting source: https://www.securityfocus.com/bid/55908/info vBSEO is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
Juniper Networks Mobility System Software - aaawba_login.html Cross-Site Scripting
Juniper Networks Mobility System Software - aaawbalogin.html Cross-Site Scripting source: https://www.securityfocus.com/bid/54075/info Mobility System Software is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to...
SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities
SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53983/info SPIP is prone to multiple unspecified cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
FeedDemon vulnerable to arbitrary script execution
Overview FeedDemon is vulnerable to arbitrary script execution. FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information when using the "feed preview" option. Daiki Fukumori of Cybe...
JVN#18397171: FeedDemon vulnerable to arbitrary script execution
FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information when using the "feed preview" option. Impact An arbitrary script embedded in an RSS/Atom feed may be executed on the user's...
Vanilla Forums 2.0.18.4 Tagging Stored XSS
Exploit for php platform in category web applications Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post your XSS as tag...