JSPWiki <= 2.5.139 Comment.jsp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25803/info JSPWiki is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting issues and an HTML-injection issue, because the application fails to adequately sanitize user-supplied inpu...
Mantis 0.x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10994/info Mantis is a web-based bug tracking system. It is written in PHP and supported by a MySQL database. It is reported that Mantis is affected by cross-site scripting vulnerabilities. These issues are due to a failu...
V3 Chat Instant Messenger - expire.php cust_name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Uebimiau 2.7.x Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25912/info UebiMiau is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks o...
E-vanced Solutions E-vents 5.0 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26526/info E-vanced Solutions E-vents is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-bas...
UBBCentral UBB.threads 6.2.3/6.5 calendar.php Cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...
NextAge Shopping Cart Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17685/info NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...
CuteNews 1.3.6 Result Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21403/info CuteNews is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of a...
Phorum 5.2 admin/badwords.php curr Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
timobraun Dynamic Galerie 1.0 index.php pfad Variable Arbitrary Directory Listing
No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...
timobraun Dynamic Galerie 1.0 index.php pfad Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...
FlatPress 0.804 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31407/info FlatPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
Trillian Instant Messaging 0.x Credential Encryption Weakness
No description provided by source. source: http://www.securityfocus.com/bid/5677/info The Trillian instant messaging client uses weak encryption to store saved authentication credentials for instant messaging services. The credentials are encrypted by using XOR with a static key that is used with...
Novell QuickFinder Server Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33708/info Novell QuickFinder Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to execute arbitrary...
PHP Live Helper 2.0 Chat.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17960/info PHP Live Helper is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
Kempt SiteDone 2.0 'detail.php' Cross Site Scripting and SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38856/info Kempt SiteDone is prone to an SQL-injection vulnerability and cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how th...
webSPELL 4.1.2 usergallery.php galleryID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
Moodle 1.x 'post.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10884/info It is reported that Moodle is vulnerable to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamic web...
BMForum 5.6 - index.php outpused Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...