7610 matches found
OpManager 67 - ping.do?name Cross-Site Scripting
OpManager 67 - ping.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 show, 3 searchtype, 4 catid, and 5 searchtxt parameters, a different version and vectors than CVE-2005-4060...
Claroline 1.8.3 - $_SERVER[PHP_SELF] Multiple Cross-Site Scripting Vulnerabilities
Claroline 1.8.3 - $SERVERPHPSELF Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24742/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues ...
LightBlog <= 5 Add_Comment.PHP Cross-Site Scripting Vulnerability
LightBlog 5 AddComment.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/24741/info LightBlog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may...
Linksys WAG54GS 1.0.6 (Wireless-G ADSL Gateway) - 'setup.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24682/info Linksys Wireless-G ADSL Gateway is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing victims into opening a malicious URI...
ETicket 1.5.5 - 'Open.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary...
Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting
source: https://www.securityfocus.com/bid/24623/info Key Focus Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting
Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting source: https://www.securityfocus.com/bid/24623/info Key Focus Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execu...
[Full-disclosure] MS07-034: Executing arbitrary script with mhtml: protocol handler
MS07-034: Executing arbitrary script with mhtml: protocol handler Author:Yosuke HASEGAWA yosuke.hasegawa at gmail.com Date: Wed, 21 Jun 2007 CVE: CVE-2007-2225, CVE-2007-2227 Original advisory: http://openmya.hacker.jp/hasegawa/security/ms07-034.txt...
csc-sqlxss.txt
--- Comersus Shop Cart 7.07 SQL Injection & XSS Comersus is an active server pages asp software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...
JVN#95019167 Internet Explorer vulnerable in handling MHTML protocol
When Internet Explorer accesses a website using MHTML MIME Encapsulation of Aggregate HTML, Internet Explorer processes the contents as MHTML data, ignoring their actual content types, and it does not properly handle the Content-Disposition header field. This could cause a dialog box not to be...
Joomla! Component Letterman Subscriber Module 1.2.4 - 'Mod_Lettermansubscribe.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24479/info The Joomla! Letterman Subscriber module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
Joomla! Component Letterman Subscriber Module 1.2.4 - Mod_Lettermansubscribe.php Cross-Site Scripting
Joomla! Component Letterman Subscriber Module 1.2.4 - ModLettermansubscribe.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24479/info The Joomla! Letterman Subscriber module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to redirect.php or 2 the selectedtheme parameter to demo/pop3/error.php...
WmsCMS < = 2.0 Multiple XSS Vulnerabilities
Application: WmsCMS Vendors Url: http://www.web-master.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WmsCMS is a web-based CMS system Google Dork: "Powered by WMS-CMS" Affected...
webstudio-xss.txt
Application: WebStudio CMS Vendors Url: http://www.bdigital.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WebStudio CMS is a web-based CMS system Google Dork: "Powered by...
Okyanusmedya - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24285/info Okyanusmedya is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
Linker 2.0.4 - index.php Cross-Site Scripting
Linker 2.0.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24277/info Codelib Linker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...
PHPLive! 3.2.2 - '/super/info.php?BASE_URL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Evenzia Content Management Systems (CMS) - Cross-Site Scripting
source: https://www.securityfocus.com/bid/24270/info Evenzia CMS is prone to a cross-site script vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...