QwikiWiki cross-site scripting vulnerability

Overview QwikiWiki, one of Wiki clones, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. User credentials could be leaked as a result. Solution None...

Owl cross-site scripting vulnerability

Overview Owl, an open source document management and publishing system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, web pages could be spoofed. Solution...

Mozilla Firefox cross-site scripting vulnerability

Overview Mozilla Firefox web browser contains a cross-site scripting vulnerability. Mozilla Firefox does not properly handle certain HTML documents in ShiftJIS encoding. According to MFSA 2008-13, this flaw could potentially be used to evade web-site input filters and result in a XSS attack hazar...

Feed2JS cross-site scripting vulnerability

Overview Feed2JS Feed to JavaScript, an open source web application, contains a cross-site scripting vulnerability. Feed2JS Feed to JavaScript is an open source web application which converts RSS feeds into JavaScript. Feed2JS contains a cross-site scripting vulnerability. Impact An attacker coul...

Dokeos cross-site scripting vulnerability

Overview Dokeos, an open source e-learning content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. In particular, if session information from a cookie is leaked, an attacker could possibly conduct session...

Starsgames Control Panel 4.6.2 - index.php Cross-Site Scripting

Starsgames Control Panel 4.6.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29295/info Starsgames Control Panel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 msgscript and 2 msgscript2 parameters...

PicsEngine 1.0 - index.php Cross-Site Scripting

PicsEngine 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29214/info PicsEngine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Chilek Content Management System aka ChiCoMaS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2008-2179

Cross-site scripting XSS vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability

Cisco BBSM Captive Portal 5.3 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability. CVE-2008-2165. Webapps exploit for asp platform source: http://www.securityfocus.com/bid/29191/info Cisco BBSM Building Broadband Service Manager is prone to a cross-site scripting vulnerability because the...

Cross site scripting

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

CVE-2008-2070

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

cPanel 11.x - '/scripts2/changeip?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

cPanel 11.x - scripts2changeip?user Cross-Site Scripting

cPanel 11.x - scripts2changeip?user Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data i...

SAP Internet Transaction Server 6200.1017.50954.0 Bu (WGate) - 'wgate.dll?~service' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in an error page. An attacker may leverage this issue to execute...

Sphider 1.3.4 - query Cross-Site Scripting

Sphider 1.3.4 - query Cross-Site Scripting source: https://www.securityfocus.com/bid/29074/info Sphider is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Maian Uploader 4.0 - keywords Cross-Site Scripting

Maian Uploader 4.0 - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...