Apache Jackrabbit 1.4/1.5 Content Repository (JCR) search.jsp q Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability

No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...

timobraun Dynamic Galerie 1.0 galerie.php pfad Variable Arbitrary Directory Listing

No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...

JGS-Gallery 4.0 Board jgs_galerie_scroll.php userid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary scrip...

Digital Hive 2.0 - 'base.php' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28918/info Digital Hive is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Flyspray 0.9.9 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26891/info Flyspray is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...

PHPPost 1.0 profile.php user Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

RedCMS 0.1 login.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...

Rae Media Real Estate Single Agent SQL Injection Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/45211/discuss Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8011/info It has been reported that Tutos does not properly handle input to the fileselect script. Because of this, an attacker may be able to execute code in the browser of another user with the privileges of the...

Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30748/info Vanilla is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

SquirrelMail 1.4.2 Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14973/info SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the...

WebGlimpse 2.x Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15916/info WebGlimpse is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

FlatNuke 2.5.5 structure.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities t...

CyberShop Ultimate E-commerce Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

energine 2.3.8 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...

DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection Vulnerability

No description provided by source. Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...

Adobe Flash Player Shader Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserExploitServer def...

BMForum 5.6 - index.php outpused Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

RedCMS 0.1 profile.php u Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...