7604 matches found
CartWIZ 1.10 - 'Access.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13338/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'searchresults.asp' Name Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13343/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
ASPNuke 0.80 - Select.asp Cross-Site Scripting
ASPNuke 0.80 - Select.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13320/info ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
ASPNuke 0.80 - profile.asp Cross-Site Scripting
ASPNuke 0.80 - profile.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13319/info ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting source: https://www.securityfocus.com/bid/13305/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
source: https://www.securityfocus.com/bid/13305/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting
ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting source: https://www.securityfocus.com/bid/13309/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacke...
CVE-2005-1191
The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...
CVE-2005-1191
Summary : CVE-2005-1191 affects the Web View DLL (webvw.dll) used by Windows Explorer on Windows 2000. The flaw arises from insufficient validation of the Author field in file metadata, allowing an attacker to craft a name that, when Web View creates a mailto: link in the preview pane, results in...
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/13256/info source: https://www.securityfocus.com/bid/13257/info source: https://www.securityfocus.com/bid/13258/info source: https://www.securityfocus.com/bid/13259/info source:...
CityPost Simple PHP Upload - Simple-upload-53.php Cross-Site Scripting
CityPost Simple PHP Upload - Simple-upload-53.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13261/info CityPost Simple PHP Upload is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to...
CVE-2005-1156
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."...
MVNForum 1.0 - Search Cross-Site Scripting
source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
MVNForum 1.0 - Search Cross-Site Scripting
MVNForum 1.0 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...
All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion
All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/13169/info All4WWW-Homepagecreator is affected by an arbitrary remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input befo...
OneWorldStore - OWListProduct.asp Cross-Site Scripting
OneWorldStore - OWListProduct.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...
SPHPBlog 0.4 - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13170/info sphpBlog is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser ...
Pinnacle Cart - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13138/info Pinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...
Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...