Oracle Application Server vulnerable to cross-site scripting

Overview Oracle Application Server from Oracle contains a cross-site scripting vulnerability. Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC...

Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================= Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability ========================================================= Simple PHP Blog is prone to a local file-include vulnerability...

FlatPress 'userid' Parameter Local File Include Vulnerability

FlatPress is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow th...

opera -- multiple vulnerabilities

Opera Team reports: An unspecified error in the processing of JPEG images can be exploited to trigger a memory corruption. An error can be exploited to execute arbitrary script code in a different domain via unspecified plugins. An unspecified error has a "moderately severe" impact. No further...

AbleDating 2.4 - search_results.php?keyword Cross-Site Scripting

AbleDating 2.4 - searchresults.php?keyword Cross-Site Scripting source: https://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and...

AbleDating 2.4 - search_results.php?keyword SQL Injection

AbleDating 2.4 - searchresults.php?keyword SQL Injection source: https://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and a...

Multiple Cybozu products vulnerable to cross-site scripting

Overview Multiple Cybozu products are vulnerable to cross-site scripting. Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN50342989. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the...

pnamazu cross-site scripting vulnerability

Overview pnamazu, the Perl version program of the full-text search engine Namazu, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

DesignForm cross-site scripting vulnerability

Overview DesignForm is a mail form CGI provided by GNB. A cross-site scripting vulnerability exists in DesignForm. DesignForm is a mail form CGI provided by GNB. It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in DesignForm. Impact An arbitrary scrip...

tDiary cross-site scripting vulnerability

Overview tDiary, a weblog system from the tDiary development project, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

b2evolution cross-site scripting vulnerability

Overview b2evolution, a blog publishing system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution None...

MTCMS WYSIWYG Editor cross-site scripting vulnerability

Overview MTCMS WYSIWYG Editor, weblog management software from SKYARC System, contains a cross-site scripting vulnerability. MTCMS WYSIWYG Editor from SKYARC System is management software used to update Movable Type contents, etc. The install.cgi in MTCMS WYSIWYG Editor contains a cross-site...

RaidenHTTPD cross-site scripting vulnerability

Overview RaidenHTTPD, from Sonei Information Systems TEAM JOHNLONG, contains a cross-site scripting vulnerability. This issue is different from JVN90438169. RaidenHTTPD is a multipurpose web server for Windows provided by TEAM JOHNLONG. RaidenHTTPD contains a cross-site scripting vulnerability...

Drupal cross-site scripting vulnerability

Overview Drupal, an open source content management system, contains a cross-site scripting vulnerability. This vulnerability is different from JVN82240092. Impact An arbitrary script could be executed on the browser of the user who logged into Drupal. In addition, if session information from a...

04WebServer cross-site scripting vulnerability

Overview 04WebServer, open source web server software, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

MODx cross-site scripting vulnerability

Overview MODxl, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution None...

Drupal cross-site scripting vulnerability

Overview Drupal, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possible conduct session hijacking. Solution None...

artmedic webdesign weblog - Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/27797/info artmedic webdesign weblog is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute...

OpenBiblio 0.x - staff_del_confirm.php Multiple Cross-Site Scripting Vulnerabilities

OpenBiblio 0.x - staffdelconfirm.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection,...

OpenBiblio 0.x - theme_del_confirm.php?name Cross-Site Scripting

OpenBiblio 0.x - themedelconfirm.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting...