7610 matches found
WordPress Plugin Feature Slideshow 1.0.6 - src Cross-Site Scripting
WordPress Plugin Feature Slideshow 1.0.6 - src Cross-Site Scripting source: https://www.securityfocus.com/bid/46004/info The Feature Slideshow Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...
WordPress Plugin RSS Feed Reader 0.1 - rss_url Cross-Site Scripting
WordPress Plugin RSS Feed Reader 0.1 - rssurl Cross-Site Scripting source: https://www.securityfocus.com/bid/45997/info The RSS Feed Reader WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45998/info The WP Featured Post with Thumbnail Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45997/info The RSS Feed Reader WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 defaultnews or 2 sponsors cookies, which are not properly handled by a controllers/index.ctrl.php or b controllers/settings.ctrl.php...
Fisheye Multiple Vulnerabilities
Fisheye and Crucible are prone to cross-site scripting, security- bypass, and information-disclosure vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, disclose sensitive information, o...
Atlassian Fisheye < 2.4.4Multiple Vulnerabilities
Fisheye and Crucible are prone to cross-site scripting, security- bypass, and information disclosure vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
WordPress < 3.0.4 KSES Library XSS Vulnerability - Active Check
WordPress is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Joostina 1.3 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45732/info Joostina is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Ignition 'comment.php' Local File Include Vulnerability
Ignition is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Joomla! 1.0.x - ordering Cross-Site Scripting
Joomla! 1.0.x - ordering Cross-Site Scripting source: https://www.securityfocus.com/bid/45679/info The Joomla! Search component is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Sahana Agasti Multiple Remote File Include Vulnerabilities
Sahana Agasti is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the webserve...
Sahana Agasti Multiple Remote File Include Vulnerabilities
Sahana Agasti is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
PHPB2B 4.1 - 'q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51221/info PHPB2B is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Cross site scripting
Cross-site scripting XSS vulnerability in the lztrackingsetsessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php...
WordPress Register Plus Plugin Multiple Vulnerabilities
WordPress Register Plus Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Appweb Web Server 3.2.2-1 - Cross-Site Scripting
Appweb Web Server 3.2.2-1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/45568/info Appweb is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
CVE-2010-4114
Cross-site scripting XSS vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
WordPress Plugin Accept Signups 0.1 - email Cross-Site Scripting
WordPress Plugin Accept Signups 0.1 - email Cross-Site Scripting source: https://www.securityfocus.com/bid/45548/info The Accept Signups Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal
source: https://www.securityfocus.com/bid/45532/info Calibre is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in t...