WebEvent 4.03 - Webevent.cgi Cross-Site Scripting

WebEvent 4.03 - Webevent.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/25148/info WebEvent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to inject arbitrary web script or HTML via the 1 msg, 2 page, 3 viewkey, or 4 viewtype parameter to a viewvideo.php; the 5 next parameter to b signup.php; the 6 searchid parameter to c...

IT!CMS 0.2 - 'lang-en.php?wndtitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...

drupal -- Multiple cross-site scripting vulnerabilities

The Drupal Project reports: Some server variables are not escaped consistently. When a malicious user is able to entice a victim to visit a specially crafted link or webpage, arbitrary HTML and script code can be injected and executed in the context of the victim's session on the targeted website...

Nukedit 4.9.x - 'login.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25081/info Nukedit is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Nukedit 4.9.x - login.asp Cross-Site Scripting

Nukedit 4.9.x - login.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/25081/info Nukedit is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

cPanel 10.9.1 - Resname Cross-Site Scripting

cPanel 10.9.1 - Resname Cross-Site Scripting source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities

Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and...

Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an...

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplie...

Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/25004/info Dora Emlak Script is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker ...

JVN#34058672 Nessus report function vulnerable to arbitrary script execution

Nessus, a vulnerability scanner from Tenable Network Security, Inc., is capable of providing test reports in HTML format. The report in HTML format contains the target server's responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed...

Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Exploiting these issue...

contentserver 5.6.2929 - errorstransaction.asp?msg Cross-Site Scripting

contentserver 5.6.2929 - errorstransaction.asp?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...

contentserver 5.6.2929 - errorsrights.asp?msg Cross-Site Scripting

contentserver 5.6.2929 - errorsrights.asp?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverag...

tim-xss.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TIM Telecom Italia Mobile is a big italian phone company. The web portal TIM.it is vulnerable to XSS attacks in search function http://www.tim.it/ricerca/d/areaconsumer/ricercasito.do. An attacker can steal cookie session and access with victim...

Helma 1.5.3 - Search Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Helma 1.5.3 - Search Script Cross-Site Scripting

Helma 1.5.3 - Search Script Cross-Site Scripting source: https://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

OpManager 67 - traceRoute.do?name Cross-Site Scripting

OpManager 67 - traceRoute.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

NetFlow Analyzer 5 - jspuiapplicationList.jsp?alpha Cross-Site Scripting

NetFlow Analyzer 5 - jspuiapplicationList.jsp?alpha Cross-Site Scripting source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues...