Microsoft Internet Explorer 6.0 Search Pane URI Obfuscation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11851/info A remote URI obfuscation vulnerability has been found in Internet Explorer's search pane functionality. This issue is due to a failure of the application to present the URI address of HTML and script code loade...

GuppY 2.4 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8768/info GuppY is reported to be prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the postguest module of the software. This issue may allow a...

Joomla_1.6.0-Alpha2 XSS Vulnerabilities

No description provided by source. Title:Joomla1.6.0-Alpha2 XSS Vulnerabilities Date: 2010-05-02 Author: mega-itec.com Software Link: http://joomlacode.org/gf/download/frsrelease/11322/45252/Joomla1.6.0-Alpha2-Full-Package.zip Version: 1.6.0-alpha2 Tested on: relevant os CVE : Code :...

GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability

No description provided by source. Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix this issue Info: GigPress is a...

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

OpenBB 1.0.x member.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...

DoceboLMS 4.0.4 - Multiple Stored XSS Vulnerabilities

No description provided by source. !-- DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities Vendor: Docebo Product web page: http://www.docebo.org Affected version: 4.0.4 CE Summary: DoceboLMS is a SCORM compliant Open Source e-Learning platform used in corporate, government and education markets...

Fastream NetFile 6.0.3 .588 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8908/info It has been reported that a cross-site scripting vulnerability may exist in NetFile that may allow remote attackers to execute HTML or script code in a user's browser. The issue is reported to occur due to a 404...

AldWeb MiniPortail 1.9/2.x LNG Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code is not sanitized fr...

Basit 1.0 Submit Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7139/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

Mango Blog 1.4.1 'archives.cfm/search' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87080' vul ID version = '1' author = 'fenghh' vulDate = '2010-03-03' createDate =...

KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25170/info KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle improperly formated HTML code. An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in...

PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18244/info PHP ManualMaker is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...

Endpoint Protector 4.0.4.2 - Multiple Persistent XSS

No description provided by source. Advisory Name: Multiple Persistent Cross-Site Scripting XSS in Endpoint Protector Internal Cybsec Advisory Id: 2012-1029-Multiple Persistent XSS in Endpoint Protector Vulnerability Class: Permanent Cross-Site Scripting XSS Release Date: 10/29/2012 Affected...

PHP-Nuke 6.x/7.x Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...

Microsoft Internet Explorer 6.0 IFRAME Status Bar URI Obfuscation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/11590/info Microsoft Internet Explorer is reported prone to a URI obfuscation weakness. This issue may be leveraged by an attacker to display false information in the status bar of an unsuspecting user, allowing an attack...

Basit 1.0 Search Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8841/info Demonstration scripts and servlets that are distributed as part of Bajie HTTP Server have been reported prone to multiple cross-site scripting vulnerabilities. It has been reported that a remote attacker may...

Zwiki 0.10/0.36.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11745/info It is reported that Zwiki is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamic...

Gitweb <= 1.7.3.3 - Cross Site Scripting

No description provided by source. -8 Description 8- Cross-site scripting XSS vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables. -8 Proof Of Concept 8-...