7610 matches found
RSA WebID 5.3 - IISWebAgentIF.dll Cross-Site Scripting
RSA WebID 5.3 - IISWebAgentIF.dll Cross-Site Scripting source: https://www.securityfocus.com/bid/28277/info RSA WebID is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28277/info RSA WebID is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
SNewsCMS 2.x - search.php Cross-Site Scripting
SNewsCMS 2.x - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28262/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...
Chris LaPointe Download Center 1.2 - login Action Multiple Cross-Site Scripting Vulnerabilities
Chris LaPointe Download Center 1.2 - login Action Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28219/info Download Center is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker...
Chris LaPointe Download Center 1.2 - search Cross-Site Scripting
Chris LaPointe Download Center 1.2 - search Cross-Site Scripting source: https://www.securityfocus.com/bid/28219/info Download Center is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to...
EasyImageCatalogue 1.31 - 'thumber.php?dir' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28164/info onlinetools.org EasyImageCatalogue is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
EasyImageCatalogue 1.31 - 'addcomment.php?d' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28164/info onlinetools.org EasyImageCatalogue is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
EasyImageCatalogue 1.31 - 'describe.php?d' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28164/info onlinetools.org EasyImageCatalogue is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Gallarific - search.php?query Cross-Site Scripting
Gallarific - search.php?query Cross-Site Scripting source: https://www.securityfocus.com/bid/28163/info Gallarific is prone to a cross-site scripting vulnerability and multiple authentication-bypass vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the...
EncapsGallery 1.11.2 - catalog_watermark.php?file Cross-Site Scripting
EncapsGallery 1.11.2 - catalogwatermark.php?file Cross-Site Scripting source: https://www.securityfocus.com/bid/28178/info EncapsGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection
source: https://www.securityfocus.com/bid/28151/info F5 BIG-IP Web Management Interface is prone to a HTML-injection vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
WordPress 2.3.2 - wp-admininvites.php?to Cross-Site Scripting
WordPress 2.3.2 - wp-admininvites.php?to Cross-Site Scripting source: https://www.securityfocus.com/bid/28139/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting
Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/28148/info Neptune Web Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
ImageVue 1.7 - 'upload.php?path' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
JVN#95014590 Zimbra Collaboration Suite script execution vulnerability
Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book, webmail, and other functions. Zimbra Collaboration Suite 4.0.3 and 4.5.6 contain a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact If a us...
WordPress Core 2.3.2 - '/wp-admin/users.php?inviteemail' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28139/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
ImageVue 1.7 - dir2.php?path Cross-Site Scripting
ImageVue 1.7 - dir2.php?path Cross-Site Scripting source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Design/Logic Flaw
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...
CVE-2008-1081
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...
CVE-2008-1081
Opera prior to 9.26 is affected by CVE-2008-1081, where image comments can be treated as scripts when viewing image properties, enabling a user‑assisted remote attacker to execute arbitrary script. The vulnerability arises from images containing custom comments that are executed as script in the ...