Astaro Security Linux 5 'index.fpl' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8011/info It has been reported that Tutos does not properly handle input to the fileselect script. Because of this, an attacker may be able to execute code in the browser of another user with the privileges of the...

VBZooM Forum 1.11 contact.php UserID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16956/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...

Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability

No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...

SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection Vulnerability

No description provided by source. Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...

timobraun Dynamic Galerie 1.0 galerie.php pfad Variable Arbitrary Directory Listing

No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...

FlatNuke 2.5.5 structure.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities t...

EVA-Web 2.1.2 index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Digital Hive 2.0 - 'base.php' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28918/info Digital Hive is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30748/info Vanilla is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Dreamcost HostAdmin 3.1 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in t...

RedCMS 0.1 profile.php u Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...

PHPPost 1.0 profile.php user Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Rae Media Real Estate Single Agent SQL Injection Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/45211/discuss Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

energine 2.3.8 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...

Comersus Cart 7.0.7 comersus_customerAuthenticateForm.asp redirectUrl XSS

No description provided by source. source: http://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the...

SquirrelMail 1.4.2 Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14973/info SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the...

Apache Jackrabbit 1.4/1.5 Content Repository (JCR) search.jsp q Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...