WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47579/info The WP Ajax Recent Posts WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Collaborative Passwords Manager (cPassMan) 'path' Local File Inclusion Vulnerability

Collaborative Passwords Manager cPassMan is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Plugin WP Ajax Recent Posts 1.0.1 - do Cross-Site Scripting

WordPress Plugin WP Ajax Recent Posts 1.0.1 - do Cross-Site Scripting source: https://www.securityfocus.com/bid/47579/info The WP Ajax Recent Posts WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...

html-edit CMS 3.1.x - 'html_output' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47576/info html-edit CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Dolibarr ERPCRM 3.0 - Local File Inclusion Cross-Site Scripting

Dolibarr ERPCRM 3.0 - Local File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/47542/info Dolibarr is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit...

Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47519/info Automagick Tube Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/47500/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - jdeMafletClose.mafService?RENDER_MAFLET Cross-Site Scripting

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - jdeMafletClose.mafService?RENDERMAFLET Cross-Site Scripting source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these...

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService?e1.namespace' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This m...

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47500/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_Menu.mafService?e1.namespace' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This m...

Cross site scripting

Cross-site scripting XSS vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion RIM BlackBerry Enterprise Server BES software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote...

ChillyCMS 1.2.1 - Multiple Remote File Inclusions

ChillyCMS 1.2.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/47395/info chillyCMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker...

ChillyCMS 1.2.1 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/47395/info chillyCMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute...

Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting

Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting source: https://www.securityfocus.com/bid/47390/info Technicolor THOMSON TG585v7 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker...

Technicolor THOMSON TG585v7 Wireless Router - 'url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47390/info Technicolor THOMSON TG585v7 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing victims into visiting a malicious...

Qianbo Enterprise Web Site Management System - 'Keyword' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47375/info Qianbo Enterprise Web Site Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

Plogger 1.0 RC1 - 'gallery_name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47329/info Plogger is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

CVE-2011-1662

Cross-site scripting XSS vulnerability in Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Password Vault Web Access vulnerable to cross-site scripting

Overview Password Vault Web Access PVWA provided by Cyber-Ark Software, Ltd. contains a cross-site scripting vulnerability. Password Vault Web Access PVWA is a module in the Privileged Identity Management Suite that allows access via a web portal. PVWA contains a cross-site scripting vulnerabilit...