RazorCMS 0.3RC2 - Multiple Vulnerabilities

RazorCMS 0.3RC2 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers...

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration...

Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability

Description Microsoft ISA Internet Security and Acceleration Server and Forefront Threat Management Gateway TMG are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

Banshee 1.4.2 DAAP Extension - appswebvs_diag.cgi Cross-Site Scripting

Banshee 1.4.2 DAAP Extension - appswebvsdiag.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Banshee 1.4.2 DAAP Extension - '/apps/web/vs_diag.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities

MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities

MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

LinPHA 1.3.2/1.3.3 new_images.php XSS

LinPHA 1.3.2/1.3.3 newimages.php XSS. CVE-2008-6571. Webapps exploit for php platform source: http://www.securityfocus.com/bid/34500/info LinPHA is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Attackers can leverage the...

PPLive Multiple Argument Injection Vulnerabilities

This host has PPLive installed and is prone to multiple argument injection vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpplivecodeexevuln.nasl 5122 2017-01-27 12:16:00Z teissa $ PPLive Multiple Argument Injection Vulnerabilities Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...

Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

Turnkey eBook Store 1.1 - keywords Cross-Site Scripting

Turnkey eBook Store 1.1 - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2009-1081

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661...

Imera TeamLinks ImeraIEPlugin.dll ActiveX Control DoS Vulnerability

This host is installed with Imera ImeraIEPlugin ActiveX and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodimeraiepluginactvxctrlvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Imera TeamLinks ImeraIEPlugin.dll ActiveX Control DoS Vulnerability Authors: Nikita MR...

BitDefender Internet Security 2009 XSS Vulnerability

BitDefender Internet Security is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the 1 err, 2 errorcode, and 3 login parameters...

CVE-2008-6448

Cross-site scripting XSS vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Novaboard 1.0 - HTML Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/33968/info NovaBoard is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the browser of an...