4774 matches found
JSPWiki 2.1 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11746/info It is reported that JSPWiki is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input prior to including it in...
Reamday Enterprises Magic News Plus 1.0.2 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37566/info Magic News Plus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...
PowerPortal 1.1/1.3 index.php search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
MMGallery 1.55 Thumbs.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21281/info The mmgallery script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
VisualShapers EzContents 2.0.3 Loginreq2.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code...
KMMail 1.0 E-Mail HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6013/info kmMail does not sufficiently sanitize HTML and script code from the body of e-mail messages. As a result, an attacker may send a malicious message to a user of kmMail that includes arbitrary HTML and script code...
Captaris Infinite WebMail 3.61.5 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6411/info An HTML injection vulnerability has been discovered in Captaris Infinite WebMail. Due to insufficient sanitization of HTML content, it is possible for an attacker to embed malicious script code into HTML email...
Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
Simple Message Board 2.0 beta1 Search.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14269/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
Cherokee 0.1.x/0.2.x/0.4.x Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9496/info Cherokee has been reported to contain a cross-site scripting vulnerability via error pages. An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a...
SearchSimon Lite 1.0 Filename.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28649/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...
MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28823/info MyBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TuttoPHP Morris Guestbook 'view.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Virtual Hosting Control System 2.4.7 .1 Server_day_stats.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17790/info Virtual Hosting Control System is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Zen Cart 2008 - index.php keyword Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29020/info Zen Cart is prone to a cross-site scripting vulnerability and an SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an...
Pilot Group eTraining courses_login.php cat_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
EVA-Web 2.1.2 rubrique.php3 date Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
EVA-Web 2.1.2 index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...