phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting

phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26020/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...

NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/25981/info DNews is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...

DRBGuestbook 1.1.13 - index.php Cross-Site Scripting

DRBGuestbook 1.1.13 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25911/info DRBGuestbook is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the 1 group and 2 members parameters in a NewGroup.jsp; the 3 edittime parameter in b Edit.jsp; the 4 edittime, 5 author, and 6 link parameters i...

SimpNews 2.41.3 - backurl Cross-Site Scripting

SimpNews 2.41.3 - backurl Cross-Site Scripting source: https://www.securityfocus.com/bid/25809/info SimpNews is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

SimpNews 2.41.3 - l_username Cross-Site Scripting

SimpNews 2.41.3 - lusername Cross-Site Scripting source: https://www.securityfocus.com/bid/25809/info SimpNews is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

SimpGB 1.46.2 - admin?l_username Cross-Site Scripting

SimpGB 1.46.2 - admin?lusername Cross-Site Scripting source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities

WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25769/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues t...

WebBatch - webbatch.exe Cross-Site Scripting

WebBatch - webbatch.exe Cross-Site Scripting source: https://www.securityfocus.com/bid/25744/info WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the...

Design/Logic Flaw

ipskernel/classupload.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...

CVE-2007-4913

ipskernel/classupload.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...

CVE-2007-4913

ipskernel/classupload.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...

PHP-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting

PHP-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25674/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

BOINC 5.10.20 - 'forum_forum.php?id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25644/info BOINC Berkeley Open Infrastructure for Network Computing is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to execute arbitrary...

Toms Gastebuch 1.001.01 - header.php Multiple Cross-Site Scripting Vulnerabilities

Toms Gastebuch 1.001.01 - header.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25598/info Toms Gastebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...

Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties

Exploit for unknown platform in category web applications ====================================================== Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties ====================================================== Arcadem Remote File Inclusion Flaw / SQL Injection Software: Arcadem 2.01...

AutoIndex PHP Script 2.2.2 - PHP_SELF index.php Cross-Site Scripting

AutoIndex PHP Script 2.2.2 - PHPSELF index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to...

JVN#82276964 Tuigwaa cross-site scripting vulnerability

Tuigwaa from the Tuigwaa Project is open source software to develop web applications. Tuigwaa contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the developer. For mo...

m-phorum 0.3 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25394/info m-phorum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

JVN#66303599 WebCart cross-site scripting vulnerability

WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version provided by the vendor. For more...