7610 matches found
Calimero.CMS 3.3 - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27690/info Calimero.CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...
MODx 0.9.6 - index.php Multiple Cross-Site Scripting Vulnerabilities
MODx 0.9.6 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27672/info MODx is prone to an HTML-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
JVN#38893575 PC2M cross-site scripting vulnerability
PC2M is an open source web application which converts web pages and images to be available on web-capable mobile devices such as cellphones and PDAs. PC2M contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser. Solution Update the...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the DMSGuestbook 1.7.0 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 file parameter to wp-admin/admin.php, or the 2 messagefield parameter in the guestbook page, and the 3 title parameter in the...
Pagetool 1.07 - 'search_term' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27653/info Pagetool is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
MyNews 1.6.x - 'hash' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27652/info MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...
DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser o...
CruxCMS 3.0 - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27588/info CruxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting
Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting source: https://www.securityfocus.com/bid/27547/info Liferay Enterprise Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
SunGard Banner Student 7.3 - add1 Cross-Site Scripting
SunGard Banner Student 7.3 - add1 Cross-Site Scripting source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...
eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27473/info eTicket is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Mambo Module MOStlyCE 2.4 - connector.php Cross-Site Scripting
Mambo Module MOStlyCE 2.4 - connector.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27470/info The MOStlyCE module for Mambo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...
F5 BIG-IP Application Security Manager 9.4.3 - report_type Cross-Site Scripting
F5 BIG-IP Application Security Manager 9.4.3 - reporttype Cross-Site Scripting source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied...
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)
Fonality trixbox 2.4.2 - Cross-Site Scripting 2 source: https://www.securityfocus.com/bid/27460/info The 'trixbox' product is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)
source: https://www.securityfocus.com/bid/27460/info The 'trixbox' product is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Cross site scripting
Cross-site scripting XSS vulnerability in templates/default/admincp/attachmentsheader.php in DeluxeBB 1.1 allows remote attackers to inject arbitrary web script or HTML via the langlistofmatches parameter...
Novemberborn sIFR 2.0.2/3 - 'txt' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27394/info Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
Novemberborn sIFR 2.0.23 - txt Cross-Site Scripting
Novemberborn sIFR 2.0.23 - txt Cross-Site Scripting source: https://www.securityfocus.com/bid/27394/info Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27401/info DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...