Softbiz Classifieds Script - Cross-Site Scripting

Softbiz Classifieds Script - Cross-Site Scripting source: https://www.securityfocus.com/bid/32375/info Softbiz Classifieds Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

Kimson CMS - id Cross-Site Scripting

Kimson CMS - id Cross-Site Scripting source: https://www.securityfocus.com/bid/32343/info Kimson CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser o...

CVE-2008-5023

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file...

CVE-2008-5061

Cross-site scripting XSS vulnerability in php/caldefault.php in Mini Web Calendar mwcal 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2008-5022

The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass t...

Authentication flaw

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file...

Mozilla -moz-binding property bypasses security checks on codebase principals

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file...

nsXMLHttpRequest:: NotifyEventListeners() same-origin violation

The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass t...

MoinMoin 1.5.81.9 - Cross-Site Scripting Information Disclosure

MoinMoin 1.5.81.9 - Cross-Site Scripting Information Disclosure source: https://www.securityfocus.com/bid/32208/info MoinMoin is prone to cross-site scripting and information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/31998/info SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI...

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/31998/info SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in a blocked-site error page. An attacker may leverage this iss...

Opera < 9.62 Multiple Vulnerabilities

Binary data 4729.prm...

Extrakt Framework 0.7 - index.php Cross-Site Scripting

Extrakt Framework 0.7 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31971/info Extrakt Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

Extrakt Framework 0.7 - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31971/info Extrakt Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

iPeGuestbook 1.72.0 - pg Cross-Site Scripting

iPeGuestbook 1.72.0 - pg Cross-Site Scripting source: https://www.securityfocus.com/bid/31911/info iPei Guestbook is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script co...

ClipShare Pro 4.0 - &#039;fullscreen.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31898/info ClipShare Pro is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Jetbox CMS 2.1 - &#039;liste&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31890/info Jetbox CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Cross site scripting

Cross-site scripting XSS vulnerability in wp-admin/wp-blogs.php in Wordpress MU WPMU before 2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 s and 2 ipaddress parameters...

Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS

Google Chrome 0.2.149 ftp:// URL Multiple File Format Handling XSS. CVE-2008-4724 . Remote exploit for windows platform source: http://www.securityfocus.com/bid/31855/info Google Chrome 0.2.149 is prone to a cross-site scripting weakness that arises because the software fails to handle specially...

Microsoft Internet Explorer HTML Element Cross Domain Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain security-bypass vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may allow...