Clixint Technologies DPI - Cross-Site Scripting

source: https://www.securityfocus.com/bid/41986/info DPI is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Firefox Sage extension RSS feeds cross-domain scripting vulnerability-vulnerability warning-the black bar safety net

Affected version: Mozilla Sage 1.4.3 vulnerability description: BUGTRAQ ID: 3 7 1 2 0 CVECAN ID: CVE-2 0 0 9-4 1 0 2 Sage is a Firefox the use of lightweight RSS and Atom aggregator Controller extension. Sage does not correctly filter the RSS feeds in the description tag input will be used to...

phpMyFAQ <= 2.5.4 Multiple Unspecified XSS Vulnerabilities

phpMyFAQ is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyFAQ 2.5.4 and Prior Multiple Unspecified Cross Site Scripting Vulnerabilities

phpMyFAQ is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Apache Tomcat v3.2.1 404 Error Page Cross Site Scripting Vulnerability

No description provided by source. Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Joomla ProofReader Component 1.0 RC6 Cross-Site Scripting Vulnerability

Exploit for unknown platform in category web applications ======================================================================= Joomla ProofReader Component 1.0 RC6 Cross-Site Scripting Vulnerability ======================================================================= The Joomla! ProofReader...

phpMyFAQ &lt; 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/37180/info phpMyFAQ is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

SmartMedia Module 0.85 Beta for XOOPS - categoryId Cross-Site Scripting

SmartMedia Module 0.85 Beta for XOOPS - categoryId Cross-Site Scripting source: https://www.securityfocus.com/bid/37156/info The SmartMedia module for XOOPS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this...

WordPress WP-PHPList Plugin 2.10.2 - Cross-Site Scripting Vulnerability

WP-PHPList plugin is prone to a cross-site scripting vulnerability. Application fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authenticati...

WordPress Plugin WP-phpList 2.10.2 - &#039;unsubscribeemail&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/37096/info The WP-PHPList plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...

WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities (1)

WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities 1 source: https://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An...

WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities (2)

WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities 2 source: https://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An...

WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)

source: https://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the affected application and execute...

CVE-2009-4047

Multiple cross-site scripting XSS vulnerabilities in PHD Help Desk 1.43 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to area.php; the 2 pagina, 3 sentido, 4 qregistros, and 5 orden parameters to area.php; 6 the qregistros parameter to solicdisplay.php; 7 the...

JVN#01245481 Redmine vulnerable to cross-site scripting

Redmine is a project management software. Redmine contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, cookie information may be leaked and could lead to session hijacking or user impersonation. Solution Update the...

CUPS - kerberos Cross-Site Scripting

CUPS - kerberos Cross-Site Scripting Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI. The following example URI is available: http://www.example.com/admin/?kerberos=onmouseover=alert source: https://www.securityfocus.com/bid/36958/info CUPS is...

CuteNews 1.4.6 - from_date_day Full Path Disclosure

CuteNews 1.4.6 - fromdateday Full Path Disclosure source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues...

CuteNews 1.4.6 - search.php Multiple Cross-Site Scripting Vulnerabilities

CuteNews 1.4.6 - search.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and...

CuteNews 1.4.6 - &#039;result&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

CuteNews 1.4.6 - index.php Multiple Cross-Site Scripting Vulnerabilities

CuteNews 1.4.6 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and...