WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS

WordPress Zingiri Web Shop plugin is prone to persistent cross-site scripting vulnerabilities. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3...

MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures

MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multip...

MySQLDumper 1.24.4 - &#039;install.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multiple cross-site request-forgery vulnerabilities. 4. Multiple...

gpEasy 2.3.3 - jsoncallback Cross-Site Scripting

gpEasy 2.3.3 - jsoncallback Cross-Site Scripting source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Concrete5 CMS 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/53268/info concrete5 is prone to information-disclosure, SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to harvest sensitive information, compromi...

gpEasy 2.3.3 - &#039;jsoncallback&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

RealNetworks Helix Server Multiple Remote Vulnerabilities

RealNetworks Helix Server is prone to multiple remote vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary field to apps/contacts/ajax/addcard.php, 2 the parameter parameter to apps/contacts/ajax/addproperty.php, 3 the name parameter to...

XOOPS 2.5.4 - &#039;/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Vulnerabilities in RealNetworks Helix Server Could Allow Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting RealNetworks Helix Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed these vulnerabilities under coordinated vulnerability disclosure to th...

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these...

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

WordPress Plugin All-in-One Event Calendar 1.4 - &#039;box_publish_button.php?button_value&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020)

The version of WebShield UI hosted on the remote web server has a reflected cross-site scripting vulnerability. Input to the 'bodyStyle' parameter of ProcessTextFiles is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...

CVE-2011-5084

Cross-site scripting XSS vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting

JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting

ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to...