LemonLDAP:NG 0.9.3.1 - User Enumeration Cross-Site Scripting

LemonLDAP:NG 0.9.3.1 - User Enumeration Cross-Site Scripting source: https://www.securityfocus.com/bid/33312/info LemonLDAP:NG is prone to a user-enumeration weakness and a cross-site scripting vulnerability. A remote attacker can exploit the user-enumeration weakness to enumerate valid usernames...

Cisco IOS cross-site scripting vulnerability

Overview The web-based interface implemented in Cisco IOS is vulnerable to cross-site scripting. Some versions of the Cisco IOS provide a web-based interface to configure the device. This web-based interface contains a cross-site scripting vulnerability. A wide range of versions are affected. If...

MKPortal 1.2.1 - modulesrsshandler_image.php?i Cross-Site Scripting

MKPortal 1.2.1 - modulesrsshandlerimage.php?i Cross-Site Scripting source: https://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and insecure-temporary-file-creatio...

MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection

source: https://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and insecure-temporary-file-creation vulnerabilities. Attackers can exploit these issues to execute...

Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities

Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/33260/info Cisco IOS HTTP Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage...

Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/33260/info Cisco IOS HTTP Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...

MODx cross-site scripting vulnerability

Overview MODx, an open source contents management system, contains a cross-site scripting vulnerability. MODx, an open source contents management system, contains multiple cross-site scripting vulnerabilities. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

MyNETS cross-site scripting vulnerability

Overview MyNETS, an open source SNS software, contains a cross-site scripting vulnerability. MyNETS from Usagi Project is an open source SNS Social Networking Service software. MyNETS contains a cross-site scripting vulnerability. Impact If a user views a specially crafted web page, an arbitrary...

JVN#71945722 Movable Type Enterprise cross-site scripting vulnerability

Movable Type Enterprise, a web log system from Six Apart KK for business users, contains a cross-site scripting vulnerability. This vulnerability is different from JVN02216739. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32937/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Plunet BusinessManager 4.1 - pagesUTF8Sys_DirAnzeige.jsp?Pfad Direct Request Information Disclosure

Plunet BusinessManager 4.1 - pagesUTF8SysDirAnzeige.jsp?Pfad Direct Request Information Disclosure source: https://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplie...

JVN#36802959 MyNETS cross-site scripting vulnerability

MyNETS from Usagi Project is an open source SNS Social Networking Service software. MyNETS contains a cross-site scripting vulnerability. Impact If a user views a specially crafted web page, an arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...

Plunet BusinessManager 4.1 - 'pagesUTF8/Sys_DirAnzeige.jsp?Pfad' Direct Request Information Disclosure

source: https://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of a...

KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/33085/info KDE Konqueror is prone to multiple cross-site scripting vulnerabilities and multiple denial-of-service vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

ViArt Shop 3.5 - manuals_search.php?manuals_search Cross-Site Scripting

ViArt Shop 3.5 - manualssearch.php?manualssearch Cross-Site Scripting source: https://www.securityfocus.com/bid/33043/info ViArt Shop is prone to multiple remote vulnerabilities: - Multiple cross-site scripting vulnerabilities - An information-disclosure vulnerability - An authentication-bypass...

ViArt Shop 3.5 - 'manuals_search.php?manuals_search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33043/info ViArt Shop is prone to multiple remote vulnerabilities: - Multiple cross-site scripting vulnerabilities - An information-disclosure vulnerability - An authentication-bypass vulnerability An attacker can exploit these issues to execute arbitrary...

COMTREND CT-536 / HG-536 Routers - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/32975/info COMTREND CT-536 and HG-536 are prone to multiple remote vulnerabilities: - Multiple unauthorized-access vulnerabilities - An information-disclosure vulnerability - Multiple cross-site scripting vulnerabilities - A denial-of-service vulnerabilit...

PHPcksec 0.2 - PHPcksec.php Cross-Site Scripting

PHPcksec 0.2 - PHPcksec.php Cross-Site Scripting source: https://www.securityfocus.com/bid/32890/info The 'phpcksec' script is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

TWiki < 4.2.4 Multiple XSS / Command Execution Vulnerabilities

TWiki is prone to multiple cross-site scripting XSS and command execution vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

PHPepperShop 1.4 - shopkontakt.php Cross-Site Scripting

PHPepperShop 1.4 - shopkontakt.php Cross-Site Scripting source: https://www.securityfocus.com/bid/32690/info PhPepperShop is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...