AIOCP 1.3.x - cp_login.php SQL Injection

AIOCP 1.3.x - cplogin.php SQL Injection source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to...

AIOCP 1.3.x - cp_links.php SQL Injection

AIOCP 1.3.x - cplinks.php SQL Injection source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to...

AIOCP 1.3.x - cp_show_ec_products.php Cross-Site Scripting

AIOCP 1.3.x - cpshowecproducts.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow...

IF-CMS - index.php Cross-Site Scripting

IF-CMS - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20909/info IF-CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in...

ac4p Mobile - index.php Multiple Cross-Site Scripting Vulnerabilities

ac4p Mobile - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues...

Exhibit Engine 1.22 - fstyles.php?toroot Remote File Inclusion

Exhibit Engine 1.22 - fstyles.php?toroot Remote File Inclusion source: https://www.securityfocus.com/bid/20793/info Exhibit Engine Software is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allo...

ASPPlayGround.NET Forum 2.4.5 - Calendar.asp Cross-Site Scripting

ASPPlayGround.NET Forum 2.4.5 - Calendar.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/20335/info ASPPlayground.NET Forum Advanced Edition is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage...

Simpnews 2.x - 'pwlost.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20714/info SimpNews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

Webgenius Goop Gallery 2.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20554/info GOOP Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting us...

H-Sphere WebShell 2.x - login.php Cross-Site Scripting

H-Sphere WebShell 2.x - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20532/info H-Sphere WebShell is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...

osCommerce 2.2 - adminreviews.php?page Cross-Site Scripting

osCommerce 2.2 - adminreviews.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

osCommerce 2.2 - '/admin/products_expected.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...

osCommerce 2.2 - '/admin/reviews.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...

Quickblogger 1.4 - Remote File Inclusion

source: https://www.securityfocus.com/bid/20210/info Quickblogger is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer...

Photostore - details.php?gid Cross-Site Scripting

Photostore - details.php?gid Cross-Site Scripting source: https://www.securityfocus.com/bid/20172/info Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary...

BirdBlog 1.x - user.php?uid Cross-Site Scripting

BirdBlog 1.x - user.php?uid Cross-Site Scripting source: https://www.securityfocus.com/bid/20202/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary scri...

BirdBlog 1.x - 'comment.php?entryid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20202/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

CVE-2006-4958

Sun Secure Global Desktop (SSGD, Tarantella) contains multiple cross-site scripting vulnerabilities up to build 4.20.983. CERT details enumerate affected modules: taarchives.cgi, ttaAuthentication.jsp, ttalicense.cgi, ttawlogin.cgi, ttawebtop.cgi, ttaabout.cgi, and test-cgi, with the issue allowi...

Red Mombin 0.7 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20243/info Red Mombin is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting us...

BandSite CMS 1.1 - mp3_content.php Cross-Site Scripting

BandSite CMS 1.1 - mp3content.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access...