7602 matches found
Easypx41 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14416/info Easypx41 is prone to cross-site scripting vulnerabilities. An attacker may leverage these issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of...
@Mail 4.04.13 - Multiple Cross-Site Scripting Vulnerabilities
@Mail 4.04.13 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14408/info @Mail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...
USN-155-1: Mozilla vulnerabilities
Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. CAN-2005-1937 It was discovered that a malicious website could...
Clever Copy 2.0 - results.php Cross-Site Scripting
Clever Copy 2.0 - results.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14395/info Clever Copy is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...
BMForum 3.0 - 'topic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code execute...
SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection
SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection source: https://www.securityfocus.com/bid/14385/info WebInspect is vulnerable to a cross-application script injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied data prior...
SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection
source: https://www.securityfocus.com/bid/14385/info WebInspect is vulnerable to a cross-application script injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied data prior to including it in content rendered in an Internet Explorer COM...
Asn Guestbook 1.5 - 'footer.php?version' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...
Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting
Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting source: https://www.securityfocus.com/bid/14343/info A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output ...
JVN#60776919 tDiary cross-site request forgery vulnerability
Impact If a user loads a malicious web page, an attacker could alter or delete the diary text or alter tDiary configurations. In addition, a remote attacker could execute an arbitrary script or command on the web server running tDiary with privileges of the tDiary user. Solution Products Affected...
CVE-2004-2279
Cross-site scripting XSS vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php...
CVE-2004-2261
CVE-2004-2261 is an XSS vulnerability in the e107 content management system. The issue allows remote attackers to inject arbitrary script or HTML via the login name/author field in the News Submit or Article Submit functions. The connected sources confirm the vulnerability details but do not prov...
CVE-2004-2261
Cross-site scripting XSS vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the 1 news submit or 2 article submit functions...
Mozilla Thunderbird: Multiple vulnerabilities
Background Mozilla Thunderbird is the next-generation mail client from the Mozilla project. Description The following vulnerabilities were found and fixed in Mozilla Thunderbird: "mozbugra4" and "shutdown" discovered that Thunderbird was improperly cloning base objects MFSA 2005-56. "mozbugra4"...
CVE-2002-2086
Multiple cross-site scripting XSS vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via 1 "script" in unspecified input fields or 2 a javascript: URL in the src attribute of an IMG tag...
Simple Message Board 2.0 beta1 - 'Thread.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14268/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
WebEOC is vulnerable to cross-site scripting attacks
Overview WebEOC contains multiple cross-site scripting vulnerabilities that may allow a remote attacker to inject and execute arbitrary script using a vulnerable WebEOC site. Description WebEOC is a web-based crisis information management application that provides functions to gather, coordinate,...