Nucleus CMS 3.22 - action.php Cross-Site Scripting

Nucleus CMS 3.22 - action.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27492/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27492/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

Debian Security Advisory DSA 914-1 (horde2)

The remote host is missing an update to horde2 announced via advisory DSA 914-1. A vulnerability has been discovered in horde2, a web application suite, that allows attackers to insert arbitrary script code into the error web page. The old stable distribution woody does not contain horde2 package...

CVE-2008-0265

Multiple cross-site scripting XSS vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to 1 listsystem.jsp, 2 listpktfilter.jsp, 3 listltm.jsp, 4 resourcesaudit.jsp, a...

PHP Running Management 1.0.2 - index.php Cross-Site Scripting

PHP Running Management 1.0.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27268/info PHP Running Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in cryptographp/admin.php in the Cryptographp 1.2 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cryptwidth, 2 cryptheight, 3 bgimg, 4 charR, 5 charG, 6 charB, 7 charclear, 8 tfont, 9 chare...

CVE-2008-0206

Multiple cross-site scripting XSS vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 captchattffolder, 2 captchanumchars, 3 captchattfrange, or 4 captchasecret parameter...

CVE-2008-0206

Multiple cross-site scripting XSS vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 captchattffolder, 2 captchanumchars, 3 captchattfrange, or 4 captchasecret parameter...

Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27218/info Joomla-SMF Forum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

CVE-2007-6388

Cross-site scripting XSS vulnerability in modstatus in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

IceWarp Mail Server 9.1.1 - '/admin/index.html' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27189/info IceWarp Mail Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

eTicket 1.5.5.2 - admin.php Multiple SQL Injections

eTicket 1.5.5.2 - admin.php Multiple SQL Injections source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issue...

eTicket 1.5.5.2 - 'admin.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site scripting issue, and an...

eTicket 1.5.5.2 - search.php Multiple SQL Injections

eTicket 1.5.5.2 - search.php Multiple SQL Injections source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection...

eTicket 1.5.5.2 - 'view.php?s' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues, a cross-site scripting issue, and an...

Snitz Forums 2000 3.4.5/3.4.6 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27162/info Snitz Forums 2000 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

Snitz Forums 2000 3.4.53.4.6 - Multiple Cross-Site Scripting Vulnerabilities

Snitz Forums 2000 3.4.53.4.6 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27162/info Snitz Forums 2000 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

NetRisk 1.9.7 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affected computer with the privileges of the webserver...

NetRisk 1.9.7 - index.php Remote File Inclusion

NetRisk 1.9.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affect...

WordPress 2.2.3 - wp-adminpost.php?popuptitle Cross-Site Scripting

WordPress 2.2.3 - wp-adminpost.php?popuptitle Cross-Site Scripting source: https://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...