Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server WAS before 6.1.0 Fix Pack 13 6.1.0.13 allow remote attackers to inject arbitrary web script or HTML via the 1 keyField, 2 nameField, 3 valueField, and 4...

CVE-2007-5728

Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...

CVE-2002-2341

CVE-2002-2341 affects SonicWALL SOHO3 version 6.3.0.0 and is described as a cross-site scripting (XSS) vulnerability in content blocking. The issue allows remote attackers to inject arbitrary web script or HTML by supplying a specially crafted blocked URL, enabling potential session or credential...

Omnistar Live - 'KB.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26234/info Omnistar Live is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user i...

Omnistar Live - KB.php Cross-Site Scripting

Omnistar Live - KB.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26234/info Omnistar Live is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting

WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26228/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

CVE-2003-1509

Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818–6.0.11.853 are affected by CVE-2003-1509. The issue allows remote attackers to execute arbitrary script in the local security zone by embedding a script in a temporary file before the temp file ...

SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting

SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execut...

Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting

Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26138/info SocketMail is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability -...

SiteBar 3.3.8 - index.php?target Cross-Site Scripting

SiteBar 3.3.8 - index.php?target Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...

SiteBar 3.3.8 - 'command.php?Modify User Action uid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting

phpMyAdmin 2.11.1 - ServerStatus.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26301/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...

JVN#63304072 MouseoverDictionary vulnerable to arbitrary script execution

MouseoverDictionary, an add-on mouseover English-Japanese dictionary for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an arbitrary script on the user's web browser as it does not handle the sidebar HTML page properly. Impact An attacker could execute an arbitrary...

Nucleus CMS 3.0.1 - index.php Cross-Site Scripting

Nucleus CMS 3.0.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26035/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

ActiveKB NX 2.6 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

OpenBSD 4.1 - bgplg 'cmd' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27535/info OpenBSD bgplg is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user i...

CVE-2007-5292

Cross-site scripting XSS vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the backwardDirectory parameter...

phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting

phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26020/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...