@lex Poll 1.2 - setup.php Cross-Site Scripting

@lex Poll 1.2 - setup.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28520/info @lex Poll is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Jack (tR) Jax LinkLists 1.00 - jax_linklists.php Cross-Site Scripting

Jack tR Jax LinkLists 1.00 - jaxlinklists.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28518/info Jax LinkLists is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

@lex Guestbook 4.0.5 - 'index.php?test' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28519/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

@lex Guestbook 4.0.5 - index.php?test Cross-Site Scripting

@lex Guestbook 4.0.5 - index.php?test Cross-Site Scripting source: https://www.securityfocus.com/bid/28519/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

JVN#76669770 PerlMailer cross-site scripting vulnerability

PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in PerlMailer. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

JVN#58803701 DesignForm cross-site scripting vulnerability

DesignForm is a mail form CGI provided by GNB. It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in DesignForm. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to...

DigiDomain 2.2 - 'suggest_result.asp' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/28475/info DigiDomain is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

BlackBoard Academic Suite 6/7 - '/webapps/BlackBoard/execute/viewCatalog?searchText' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28455/info Blackboard Academic Suite is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of...

GeeCarts - view.php?id Cross-Site Scripting

GeeCarts - view.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting...

GeeCarts - search.php?id Cross-Site Scripting

GeeCarts - search.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploitin...

BlackBoard Academic Suite 67 - bincommonannouncement.pl?data__announcements___pk1_pk2__subject Cross-Site Scripting

BlackBoard Academic Suite 67 - bincommonannouncement.pl?dataannouncementspk1pk2subject Cross-Site Scripting source: https://www.securityfocus.com/bid/28455/info Blackboard Academic Suite is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize...

GeeCarts - show.php?id Cross-Site Scripting

GeeCarts - show.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting...

cPanel 11.18.311.21 - manpage.html Cross-Site Scripting

cPanel 11.18.311.21 - manpage.html Cross-Site Scripting source: https://www.securityfocus.com/bid/28403/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

JVN#00892830 Namazu cross-site scripting vulnerability

Namazu, Japanese full-text search engine does not specify charset in the ContentType header that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact An arbitrary script could be executed on the user's web browser. Solution Update the Software Update to t...

Elastic Path 4.1 - managerFileManager.jsp?dir Traversal Arbitrary Directory Listing

Elastic Path 4.1 - managerFileManager.jsp?dir Traversal Arbitrary Directory Listing source: https://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local...

News-Template 0.5beta - print.php Multiple Cross-Site Scripting Vulnerabilities

News-Template 0.5beta - print.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28353/info News-Template is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...

News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/28353/info News-Template is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

MyBlog 1.x - SQL Injection / Remote File Inclusion

source: https://www.securityfocus.com/bid/28313/info MyBlog is prone to multiple input-validation vulnerabilities, including: - Multiple SQL-injection vulnerabilities - Multiple remote file-include vulnerabilities - A privilege-escalation vulnerability An attacker may exploit these issues to...

CVE-2008-0060

CVE-2008-0060 affects Apple Mac OS X 10.4.11 and 10.5.2. The issue in Help Viewer allows remote attackers to execute arbitrary Applescript by exploiting a crafted help:topic_list URL that injects HTML or JavaScript into a topic list page, demonstrated via a help:runscript link. This vulnerability...

phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script...