RMSOFT MiniShop 1.0 'search.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30616/info RMSOFT MiniShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

EsContacts 1.0 - search.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

IBM Lotus Connections 2.0.1 'simpleSearch.do' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36513/info IBM Lotus Connections is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

FTLS GuestBook 1.1 Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6686/info Guestbook does not adequately filter HTML tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by the guestbook. The attacker's script code may be...

Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28842/info Wikepage Opus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

MaxWebPortal 1.30 search.asp Search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An...

OpenDocMan 1.x - 'out.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29765/info OpenDocMan is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

CommonSpot Server 'utilities/longproc.cfm' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37986/info CommonSpot Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

webSPELL 4.1.2 calendar.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...

Achievo <= 1.3.4 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/35140/info Achievo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Thwboard Beta 2.8 calendar.php year Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...

EsContacts 1.0 - importer.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

Zikula Application Framework 1.2.2 index.php func Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code i...

AppServ Open Project <= 2.5.10 - 'appservlang' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29291/info AppServ Open Project is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Joomla! 3D Cloud 'tagcloud.swf' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37958/info The 3D Cloud component for Joomla! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

XMB Forum 1.8 BBcode align Tag XSS

No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...

CuteNews 1.4.5 show_news.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

FlashCard 2.6.5 'id' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39648/info FlashCard is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Microsoft Office 2003 Embedded Shockwave Flash Object Security Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users. A successful attack...

MoinMoin <= 1.8 'AttachFile.py' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33365/info MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...