cPanel WebHost Manager 3.1 - 'park?ndomain' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

cPanel WebHost Manager 3.1 - 'dochangeemail?email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

cPanel WebHost Manager 3.1 - editpkg?pkg Cross-Site Scripting

cPanel WebHost Manager 3.1 - editpkg?pkg Cross-Site Scripting source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

PMOS Help Desk 2.3 - 'ticketview.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may he...

PMOS Help Desk 2.3 - 'ticket.php?email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may he...

PMOS Help Desk 2.3 - ticketview.php Multiple Cross-Site Scripting Vulnerabilities

PMOS Help Desk 2.3 - ticketview.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in th...

CuteNews 1.4.5 - rss_title Cross-Site Scripting

CuteNews 1.4.5 - rsstitle Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

CuteNews 1.4.5 - show_news.php Cross-Site Scripting

CuteNews 1.4.5 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

Blog:CMS 4.1.3 - 'list.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21173/info BLOG:CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

Odysseus Blog 1.0 - blog.php Cross-Site Scripting

Odysseus Blog 1.0 - blog.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21128/info Odysseus Blog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

BlogTorrent Preview 0.92 - 'Announce.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21125/info BlogTorrent Preview is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

Selenium Web Server 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/21100/info Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting...

Selenium Web Server 1.0 - Cross-Site Scripting

Selenium Web Server 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/21100/info Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities

cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

DirectAdmin 1.281.29 - CMD_EMAIL_VACATION_MODIFY Cross-Site Scripting

DirectAdmin 1.281.29 - CMDEMAILVACATIONMODIFY Cross-Site Scripting source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities

LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...

LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modif...