4774 matches found
MKPortal 1.1 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17651/info MKPortal is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly saniti...
Online Contact Manager 3.0 index.php showGroup Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...
ScrewTurn Software ScrewTurn Wiki 2.0.x 'System Log' Page HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
PhpGedView 2.5/2.6 Login.PHP URL Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11903/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...
PhpGedView 2.5/2.6 Login.PHP Newlanguage Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11905/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...
e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...
ActiveNews Manager activenews_view.asp articleID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploitin...
MoinMoin 1.5.x Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23676/info MoinMoin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
ActiveNews Manager default.asp page Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploitin...
e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...
Basit 1.0 Search Module Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...
GuppY 2.4 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8768/info GuppY is reported to be prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the postguest module of the software. This issue may allow a...
vBulletin 4.0.2 Search Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Odysseus Blog 1.0 Blog.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21128/info Odysseus Blog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
PHP Advanced Transfer Manager 1.30 Remote Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15237/info PHP Advanced Transfer Manager can allow remote attackers to gain unauthorized access. Access to sensitive files containing authentication credentials is not restricted, therefore an attacker can simply issue a...
Simple Machines Forum 1.0/1.1 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20629/info Simple Machines Forum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
phpMyChat 0.14.6 style.css.php medium Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code...
Meeting Room Booking System (MRBS) 1.2.6 report.php area Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
Solupress News 1.0 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15695/info Solupress News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Snitz Forums 2000 Forum.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20004/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This could allow an attacker to steal cookie-based authentication credentials and...