7610 matches found
PowerEasy 2006 - 'ComeUrl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39696/info PowerEasy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
vBulletin Two-Step External Link Module - externalredirect.php Cross-Site Scripting
vBulletin Two-Step External Link Module - externalredirect.php Cross-Site Scripting source: https://www.securityfocus.com/bid/39597/info Two-Step External Link module for vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied...
Atlassian JIRA 500page.jsp Referer XSS
"The Atlassian JIRA installation hosted on the remote web server is affected by a cross-site scripting XSS vulnerability in the 500page.jsp file due to an HTTP 'referer' field not being properly sanitized before being displayed in the page. A remote attacker can exploit this, by tricking a user...
Kleophatra CMS 0.1.1 - 'module' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39593/info Kleophatra CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Ziggurat Farsi CMS - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39311/info Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Axon Virtual PBX 2.13 Multiple Remote Vulnerabilities
NCH Software Axon virtual PBX is prone to multiple remote vulnerabilities, including: - A cross-site scripting vulnerability. - A cross-site request forgery vulnerability. - An arbitrary file deletion vulnerability. - A directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG...
Ziggurat Farsi CMS - id Cross-Site Scripting
Ziggurat Farsi CMS - id Cross-Site Scripting source: https://www.securityfocus.com/bid/39311/info Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code ...
Zikula Application Framework 1.2.2 - 'ZLanguage.php?lang' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
PotatoNews 1.0.2 - nid Multiple Local File Inclusions
PotatoNews 1.0.2 - nid Multiple Local File Inclusions source: https://www.securityfocus.com/bid/39276/info PotatoNews is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain...
Istgah For Centerhost - 'view_ad.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39330/info Istgah for Centerhost is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Compiere vulnerable to cross-site scripting
Overview Compiere provided by Almas Inc. contains a cross-site scripting vulnerability. Compiere provided by Almas Inc. is an Enterprise Resource Planning ERP and Customer Relationship Management CRM software. Compiere contains a cross-site scripting vulnerability. This vulnerability is different...
PrettyFormMail vulnerable to cross-site scripting
Overview PrettyFormMail from PrettyBook contains a cross-site scripting vulnerability. PrettyFormMail from PrettyBook is a software that sends emails with contents that are input into a HTML form. PrettyFormMail contains a cross-site scripting vulnerability. Masako Ohono reported this vulnerabili...
JVN#41842181 PrettyFormMail vulnerable to cross-site scripting
PrettyFormMail from PrettyBook is a software that sends emails with contents that are input into a HTML form. PrettyFormMail contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use PrettyFormMail As patches will not ...
Piwik 0.5.5 - 'form_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39144/info Piwik is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Astaro Security Linux 5 - index.fpl Cross-Site Scripting
Astaro Security Linux 5 - index.fpl Cross-Site Scripting source: https://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
vBulletin 4.0.2 - Search Cross-Site Scripting
vBulletin 4.0.2 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities
PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...
(Multiple Products) - banner.swf Cross-Site Scripting
Multiple Products - banner.swf Cross-Site Scripting source: https://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Dojo Toolkit 1.4.1 - dijittests_testCommon.js?theme Cross-Site Scripting
Dojo Toolkit 1.4.1 - dijitteststestCommon.js?theme Cross-Site Scripting source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execut...