AdaptBB 1.0 - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42930/info AdaptBB is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Eclipse BIRT 2.2.1 - 'run?__report' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36674/info Eclipse BIRT Business Intelligence and Reporting Tools is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Zainu 1.0 - searchSongKeyword Cross-Site Scripting

Zainu 1.0 - searchSongKeyword Cross-Site Scripting source: https://www.securityfocus.com/bid/36701/info Zainu is prone to a cross-site scripting vulnerability in the Contact module because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attack...

OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting

source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...

Palm WebOS 1.01.1 - Email Arbitrary Script Injection

Palm WebOS 1.01.1 - Email Arbitrary Script Injection source: https://www.securityfocus.com/bid/36592/info Palm WebOS is prone to an arbitrary-script-injection vulnerability because the integrated email application fails to properly sanitize user-supplied input. An attacker can exploit this issue ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the 1 cookuser parameter to index.php and the 2 name parameter to modules.php...

Activedition - '/activedition/aelogin.asp' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42164/info Activedition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

Opera Multiple Cross-Site Scripting Vulnerabilities (Sep 2009) - Linux

Opera is prone to multiple Cross-Site Scripting vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Check Point Connectra R62 - LoginLogin Arbitrary Script Injection

Check Point Connectra R62 - LoginLogin Arbitrary Script Injection source: https://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to...

Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection

source: https://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the context of the webserver...

Cross-site scripting vulnerability in multiple phpspot products

Overview Multiple products provided by phpspot contain a cross-site scripting vulnerablility. Multiple products BBS Software etc. provided by phpspot contain a cross-site scripting vulnerablility. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Stiva Forum 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 demo.php and 2 forum.php, and the PATHINFO to 3 includeforum.php...

RSSMediaScript - index.php Cross-Site Scripting

RSSMediaScript - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/42421/info RSSMediaScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...

TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2009-2947

Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...

SZNews 2.7 - printnews.php3 Remote File Inclusion

SZNews 2.7 - printnews.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/42974/info SZNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

Datemill - photo_view.php?return Cross-Site Scripting

Datemill - photoview.php?return Cross-Site Scripting source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...

CVE-2009-3114

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K...