SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files userlist.asp that comes with the web interface contains a listing of...

Blue Coat Reporter 7.0/7.1 License HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13725/info Blue Coat Reporter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

EVA-Web 2.1.2 rubrique.php3 date Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

News Module for Envolution modules.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15857/info Envolution is prone to multiple input validation vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft ...

PHP-Nuke 6.x/7.x Your_Account Module Avatarcategory Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13010/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...

FortiGate Firewall 2.x Policy Admin Interface XSS

No description provided by source. source: http://www.securityfocus.com/bid/9033/info Multiple cross-site scripting vulnerabilities have been reported in the FortiGate Firewall web administrative interface. These issues could be exploited by enticing an administrative user to follow a malicious...

Cfnetgs 0.24 - 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28267/info Cfnetgs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execut...

Pre ASP Job Board 'emp_login.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32572/info Pre ASP Job Board is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the brows...

Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script User IP Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

MKPortal 1.x Multiple Modules Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/36216/info Multiple modules of MKPortal are prone to cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...

Invision Power Board 1.x Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13802/info Invision Power Board is affected by an unauthorized access vulnerability. Reportedly, a moderator can edit forum posts owned by other moderators through an HTTP GET request without providing sufficient...

LiveCart 1.0.1 category q Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...

MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20460/info MySQLDumper is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to execute attacker-supplied script code ...

CubeCart 3.0.x view_doc.php view_doc Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...

Photokorn 1.542 Cross Site Scripting and Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37559/info Photokorn is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute...

Eggblog 3.1 admin/comments.php edit Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21134/info Eggblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

FuseTalk <= 4.0 AuthError.CFM Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24564/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

RXGoogle.CGI 1.0/2.5 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9575/info The rxgoogle.cgi search script is prone to a cross-site scripting vulnerability because the software fails to sanitize user input and allows various metacharacters that may facilitate cross-site scripting attack...

Multiple IBM Products Login Page Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38412/info Multiple IBM products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

VBulletin 1.0.1 lite/2.x/3.0 /admincp/template.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14874/info vBulletin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...