CuteNews 1.4.6 - result Cross-Site Scripting

CuteNews 1.4.6 - result Cross-Site Scripting source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note...

CuteNews 1.4.6 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

CuteNews 1.4.6 - 'from_date_day' Full Path Disclosure

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, an...

CuteNews 1.4.6 - index.php Cross-Site Request Forgery (New User Creation)

CuteNews 1.4.6 - index.php Cross-Site Request Forgery New User Creation source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and...

CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

CuteNews 1.4.6 - 'index.php' Cross-Site Request Forgery (New User Creation)

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

CuteNews 1.4.6 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

Mahara Multiple Vulnerabilities (Nov 2009)

Mahara is prone to a security bypass and cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Stratek Web Design Twilight CMS 4.0 - calendar Cross-Site Scripting

Stratek Web Design Twilight CMS 4.0 - calendar Cross-Site Scripting source: https://www.securityfocus.com/bid/41895/info Twilight CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41895/info Twilight CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

TFTgallery 0.13 - sample Cross-Site Scripting

TFTgallery 0.13 - sample Cross-Site Scripting source: https://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

TFTgallery 'album' Parameter Cross Site Scripting Vulnerability

TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...

Wowd - 'index.html' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42327/info Wowd search client is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...

Piwigo 2.0 - comments.php Multiple Cross-Site Scripting Vulnerabilities

Piwigo 2.0 - comments.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41897/info Piwigo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to config/edituser.php; 2 location, 3 sessionid, and 4 vmname parameters to console.php;...

Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting

Overview Canon IT Solutions Inc. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Ohji Kashiwazaki of GLOBAL SECURITY EXPERTS Inc. reported this vulnerabili...

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/42430/info Amiro.CMS is prone to multiple input-validation vulnerabilities including multiple cross-site scripting issues, an HTML-injection issue, and an information-disclosure issue. An attacker...

CVE-2009-3719

Cross-site scripting XSS vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to inject arbitrary web script or HTML via a comment...

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44225/info SkyBlueCanvas is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...