554 matches found
XLineSoft ASPRunner 1.0/2.x Database Direct Request Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10799/info ASPRunner is reported prone to multiple vulnerabilities. The reported issues include SQL injection, cross-site scripting, information disclosure and unauthorized access to database files. ASPRunner versions 2.4...
Swiki 1.5 - HTML Injection and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28680/info Swiki is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
SendStudio 4.0.1 Cross Site Scripting and Security Bypass Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37554/info SendStudio also called Email Marketer is prone to a cross-site scripting issue and a security-bypass issue. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...
pixheaven.net XSS vulnerability
Open Bug Bounty ID: OBB-45724. Affected Website: pixheaven.net. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Remediation Guide: OWASP XSS Prevention Cheat Shee...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2014:0599-1)
This is a MozillaFirefox update to version 29.0 : - MFSA 2014-34/CVE-2014-1518/CVE-2014-1519 Miscellaneous memory safety hazards - MFSA 2014-36/CVE-2014-1522 bmo995289 Web Audio memory corruption issues - MFSA 2014-37/CVE-2014-1523 bmo969226 Out of bounds read while decoding JPG images - MFSA...
Fortinet FortiWeb 4.x / 5.x < 5.0.3 Multiple Vulnerabilities
The remote host is running FortiWeb 4.x / 5.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities : - FortiWeb is affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input. CVE-2014-1955 - FortiWeb is affected by an unspecified HTTP heade...
Booking Calendar - Multiple Vulnerabilities
Booking Calendar PHP - Multiple Vulnerabilities .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
ArticleSetup - Multiple Vulnerabilities
Exploit Title : ArticleSetup Multiple Vulnerabilities Author : DevilScreaM Date : 21/09/2013 Category : Web Applications Vendor : http://www.articlesetup.com/ Version : 1.0 Dork intext:Powered By Article Marketing Vulnerability : Cross Site Scripting , SQL...
Symantec Endpoint Protection Manager XSS and CSRF Vulnerabilities
This host is installed with Symantec Endpoint Protection Manager and is prone to cross site scripting and cross site request forgery vulnerabilities. OpenVAS Vulnerability Test $Id: gbsymantecendpointprotectionxssncsrfvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Symantec Endpoint Protection Manag...
OpenEMR <= 4.0.0 Multiple XSS Vulnerabilities
OpenEMR is prone to multiple cross-site scripting (XSS) vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CentOS Update for ruby CESA-2011:0909 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
vBulletin 3.x.x vBTube 1.2.9 Cross Site Scripting
Author : Mr.ThieF alert1; http://site/path/vBTube.php?page=1&do=user&uname="alert1; Example : http://www.magicalproteachings.com/cy/vBTube.php?page=1&do=user&uname="alert1; http://www.rchelicoptertown.com/forum/vBTube.php?do=view&vidid=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E Done...
LDAP Account Manager 'selfserviceSaveOk' Parameter Cross Site Scripting Vulnerability
LDAP Account Manager is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
Siestta <= 2.0 Multiple Vulnerabilities
Siestta is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ramoncastro:siestta"; ifdescriptio...
Simple PHP Guestbook Cross Site Scripting
In The Name Of Allah The Merciful. Type: Suffering From XSS Vulnerability. Vendor: www.simplephpguestbook.com. Software: Simple PHP Guestbook. Author: R3d-D3v!L. Team: ArAB!AN !NFORMAT!ON SeCuR!TY. Contact: N/A. Date: 10. Jan. 201...
DNN (DotNetNuke) < 5.2.0 SearchResults.aspx XSS
The version of DNN installed on the remote host is affected by a cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to the 'Search' parameter of the 'SearchResults.aspx' script before using it to generate dynamic HTML output. An unauthenticated, remote...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-334)
This update brings the Mozilla Firefox browser to version 3.0.4. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for...
[SECURITY] [DSA 1792-1] New drupal6 packages fix multiple vulnerabilities
Debian Security Advisory DSA-1792-1 [email protected] http://www.debian.org/security/ Noah Meyerhans May 06, 2009 http://www.debian.org/security/faq -...
CentOS Update for php CESA-2008:0546-01 centos2 i386
Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0546-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
RedHat Security Advisory RHSA-2009:0010
The remote host is missing updates announced in advisory RHSA-2009:0010. Ivan Markovic discovered a cross-site scripting (XSS) flaw in SquirrelMail caused by insufficient HTML mail sanitization. A remote attacker could send a specially-crafted HTML mail or attachment that could cause a user...