173 matches found
PHP-Fusion homepage address Parameter XSS
A vulnerability exists in the version of PHP-Fusion installed on the remote host that could allow an attacker to perform a cross-site scripting attack and execute arbitrary HTML and script code in the context of the user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/10592/info It is reported that ArbitroWeb is susceptible to a cross-site scripting vulnerability in its rawURL URI parameter. The URI parameter passed to 'index.php' called 'rawURL' contains the desired target for the proxy to connect to. This parameter i...
Centrinity FirstClass HTTP Server 57 - TargetName Cross-Site Scripting
Centrinity FirstClass HTTP Server 57 - TargetName Cross-Site Scripting source: https://www.securityfocus.com/bid/9950/info It has been reported that FirstClass HTTP Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script cod...
IBM Lotus Domino 6.5.1 - HTTP webadmin.nsf Quick Console Cross-Site Scripting
source: https://www.securityfocus.com/bid/9901/info It has been reported that Lotus Domino server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient sanitization of...
GNU MyProxy 20030629 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/9846/info It has been reported that GNU MyProxy may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient sanitization of...
PHP-Nuke 6.x/7.0 'News' Module - Cross-Site Scripting
source: https://www.securityfocus.com/bid/9605/info It has been reported that the PHP-Nuke module 'News' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied information. This could allow for execution of hostile HTML and...
Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9588/info It has been reported that Mambo Open Source may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue exists in the 'Itemid' parameter of...
Psychoblogger PB-beta1 - 'desc' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9293/info It has been reported that Psychoblogger may be prone to multiple cross-site scripting vulnerabilities that may allow a remote attacker to execute HTML or script code in a user's browser. The issues are reported to exist in the 'imageview.php',...
Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-Site Scripting
source: https://www.securityfocus.com/bid/8904/info It has been reported that Symantec Norton Internet Security is prone to a cross-site scripting vulnerability. The issue is reported to exist when the software blocks a restricted website and an error message containing the requested URL is...
eNdonesia 8.28.3 - Mod Cross-Site Scripting
eNdonesia 8.28.3 - Mod Cross-Site Scripting source: https://www.securityfocus.com/bid/8506/info It has been reported that eNdonesia is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a victim's browser. The issue reportedly exists i...
PostNuke 0.723 - user.php UNAME Cross-Site Scripting
PostNuke 0.723 - user.php UNAME Cross-Site Scripting source: https://www.securityfocus.com/bid/7901/info The PostNuke 'user.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site scripting attacks. This could allow for execution of hostile HTML...
Proxy Web Server XSS
The remote host is running a proxy web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. C...
Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting
Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause t...