7610 matches found

exploitpack
added 2012/02/03 12:0 a.m., 10 views

project-open 3.4.x - account-closed.tcl Cross-Site Scripting

project-open 3.4.x - account-closed.tcl Cross-Site Scripting source: https://www.securityfocus.com/bid/51842/info project-open is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

AI score: 6.8
Exploits: 0

Prion
added 2012/02/02 5:55 p.m., 11 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information...

CVSS: 2.1 | AI score: 5.6 | EPSS: 0.00382
Exploits: 1 | References: 11 | Affected Software: 1

exploitpack
added 2012/02/02 12:0 a.m., 13 views

GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities

GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51799/info GForge is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execu...

Exploits: 0

exploitpack
added 2012/02/02 12:0 a.m., 10 views

iknSupport search Module - Cross-Site Scripting

iknSupport search Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/51803/info iknSupport is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

AI score: 6.8
Exploits: 0

exploitpack
added 2012/02/02 12:0 a.m., 13 views

Joomla! Component Currency Converter 1.0.0 - from Cross-Site Scripting

Joomla! Component Currency Converter 1.0.0 - from Cross-Site Scripting source: https://www.securityfocus.com/bid/51804/info The Currency Converter component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...

AI score: 6.8
Exploits: 0

Exploit DB
added 2012/02/02 12:0 a.m., 17 views

GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/51799/info GForge is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal...

AI score: 7.4
Exploits: 0

Exploit DB
added 2012/02/02 12:0 a.m., 22 views

iknSupport 'search' Module - Cross-Site Scripting

source: https://www.securityfocus.com/bid/51803/info iknSupport is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

AI score: 7.4
Exploits: 0

exploitpack
added 2012/02/01 12:0 a.m., 7 views

phpLDAPadmin 1.2.0.5-2 - server_id Cross-Site Scripting

phpLDAPadmin 1.2.0.5-2 - server_id Cross-Site Scripting source: https://www.securityfocus.com/bid/51794/info phpLDAPadmin is prone to cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...

AI score: 6.8
Exploits: 0

Exploit DB
added 2012/02/01 12:0 a.m., 17 views

phpLDAPadmin 1.2.0.5-2 - 'server_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51794/info phpLDAPadmin is prone to cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the contex...

AI score: 7.4
Exploits: 0

exploitpack
added 2012/01/31 12:0 a.m., 10 views

4Images 1.7.10 - admincategories.php?cat_parent_id Cross-Site Scripting

4Images 1.7.10 - admincategories.php?cat_parent_id Cross-Site Scripting source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

AI score: 6.8
Exploits: 0

Exploit DB
added 2012/01/31 12:0 a.m., 30 views

4Images 1.7.10 - '/admin/categories.php?cat_parent_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection vulnerability. An attacker may leverage these issues to perform spoofing...

AI score: 7.4
Exploits: 0

exploitpack
added 2012/01/31 12:0 a.m., 11 views

4Images 1.7.10 - admincategories.php?cat_parent_id SQL Injection

4Images 1.7.10 - admincategories.php?cat_parent_id SQL Injection source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

AI score: 8.6
Exploits: 0

NVD
added 2012/01/29 11:55 a.m., 17 views

CVE-2011-5074

Multiple cross-site request forgery CSRF vulnerabilities in Support Incident Tracker aka SiT! before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via 1 userprofileedit.p...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.00168
Exploits: 1 | References: 4

Prion
added 2012/01/29 11:55 a.m., 21 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Support Incident Tracker aka SiT! before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via 1 userprofileedit.p...

CVSS: 6.8 | AI score: 7.8 | EPSS: 0.00168
Exploits: 1 | References: 4 | Affected Software: 1

OpenVAS
added 2012/01/27 12:0 a.m., 15 views

Cisco Collaboration Server 'LoginPage.jhtml' Cross Site Scripting Vulnerability

Cisco Collaboration Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow t...

CVSS: 4.3 | AI score: 7 | EPSS: 0.01162
Exploits: 1 | References: 2

exploitpack
added 2012/01/26 12:0 a.m., 15 views

WordPress Plugin Slideshow Gallery 1.1.x - border Cross-Site Scripting

WordPress Plugin Slideshow Gallery 1.1.x - border Cross-Site Scripting source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this iss...

AI score: 6.7
Exploits: 0

Exploit DB
added 2012/01/26 12:0 a.m., 21 views

WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

AI score: 7.4
Exploits: 0

Exploit DB
added 2012/01/24 12:0 a.m., 31 views

WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

AI score: 7.4
Exploits: 0

Japan Vulnerability Notes
added 2012/01/23 9:27 a.m., 2 views

glucose 2 vulnerable to arbitrary script execution

Overview glucose 2 is vulnerable to arbitrary script execution. glucose 2 is an RSS reader. glucose 2 is vulnerable to arbitrary script execution which is inserted in RSS feed, due to the improper processing of RSS feed output. Daiki Fukumori of Cyber Defense Institute, Inc. reported this...

CVSS: 4.3 | AI score: 7 | EPSS: 0.00296
Exploits: 0 | References: 5

Japan Vulnerability Notes
added 2012/01/23 12:0 a.m., 35 views

JVN#65869891: glucose 2 vulnerable to arbitrary script execution

glucose 2 is an RSS reader. glucose 2 is vulnerable to arbitrary script execution which is inserted in RSS feed, due to the improper processing of RSS feed output. Impact An arbitrary script may be executed on the vulnerable system. Solution Update the software Update to the latest version...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.00296
Exploits: 0