445 matches found
osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting
osCommerce 2.12.2 - CheckoutPayment.php Error Output Cross-Site Scripting source: https://www.securityfocus.com/bid/7155/info Error output is not sufficiently sanitized of HTML and script code by osCommerce. This may allow for cross-site scripting attacks as remote users could create a malicious...
FormMail-Clone - Cross-Site Scripting
FormMail-Clone - Cross-Site Scripting source: https://www.securityfocus.com/bid/6570/info FormMail-clone is allegedly prone to cross-site scripting attacks. The FormMail-clone script does not sufficiently sanitize HTML tags and script code. As a result, a remote attacker may construct a malicious...
PHP-Nuke 6.0 - Web Mail Script Injection
source: https://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email containing attacker-supplied scrip...
PHP-Nuke 6.0 - Web Mail Script Injection
PHP-Nuke 6.0 - Web Mail Script Injection source: https://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an...
PHP-Wiki 1.21.3 - Cross-Site Scripting
PHP-Wiki 1.21.3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5254/info PHP-Wiki does not sufficiently sanitize HTML from URI parameters, making it prone to cross-site scripting attacks. An attacker may exploit this condition by enticing users to visit a malicious link which...