CVE-2006-2048

Multiple cross-site scripting XSS vulnerabilities in index.php in Edwin van Wijk phpWebFTP 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 port, 2 server, and 3 user parameters. NOTE: it is possible that the affected version is actually 3.2...

DevBB 1.0 - member.php Cross-Site Scripting

DevBB 1.0 - member.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17703/info DevBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200604-12 Mozilla Firefox: Multiple vulnerabilities Several vulnerabilities were found in Mozilla Firefox. Versions 1.0.8 and 1.5.0.2 were released to fix them. Impact : A remote attacker could craft malicious web pages that would...

PhpWebFtp Cross Site Scripting Vulnerability

Summary =============================================== phpWebFTP enables connections to FTP servers, even behind a firewall not allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection from your webserver to the FTP server and transfering the files to your webclient over the...

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is the next-generation web browser from the Mozilla project. Description Several vulnerabilities were found in Mozilla Firefox. Versions 1.0.8 and 1.5.0.2 were released to fix them. Impact A remote attacker could craft malicious web pages that would leverage these issue...

CVE-2006-1960

Cross-site scripting XSS vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine WLSE and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug I...

ThWboard 3.0 - index.php Cross-Site Scripting

ThWboard 3.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17627/info ThWboard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17628/info Portal Pack is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

JVN#84091359 Trac cross-site scripting vulnerability

Impact A remote attacker could possibly execute an arbitrary script on the user's web browser. Solution Products Affected Trac 0.94 and earlier versions of 0.9 series Trac-ja 0.94 and earlier versions of 0.9 series...

BannerFarm 2.3 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17613/info BannerFarm is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

IntelliLink Pro 5.06 - 'addlink_lwp.cgi?url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17605/info IntelliLink Pro is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execut...

CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting

CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/17592/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17563/info Manila is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

DbbS 2.0 - Multiple Input Validation Vulnerabilities

DbbS 2.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/17559/info DbbS is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and command-execution vulnerabilities. These issues are due to a failure in the application...

PHPFaber TopSites - index.php Cross-Site Scripting

PHPFaber TopSites - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17542/info phpFaber TopSites is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

JVN#35274905 FreeStyleWiki cross-site scripting vulnerability

Impact An rbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected FreeStyleWiki 3.5.10 and earlier...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via 1 the actionID parameter in ads-readerext and 2 the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses...

LifeType 1.0.3 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17529/info LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the contex...

Cross site scripting

Cross-site scripting XSS vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash .SWF video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript...

PHPMyForum 4.0 - 'page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17420/info phpMyForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...