70 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
CVE-2009-4717
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the 1 contentshort or 2 contentfull parameter in an addnews action to the default URI; 3 the content parameter in a pm write action to 2z/admin.php; 4 the...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML 1 via the referer parameter in sendMail, and via attributes of 2 the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE...
CVE-2006-1903
Multiple cross-site scripting XSS vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML 1 via the referer parameter in sendMail, and via attributes of 2 the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE...
CVE-2004-2028
Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...
CVE-2004-2028
CVE-2004-2028 describes a cross-site scripting (XSS) vulnerability in the PHP component used by the e107 CMS, specifically in the stats.php module. The flaw allows remote attackers to inject arbitrary web script or HTML by manipulating the referer parameter sent to log.php. Affected software is e...
SnipSnap 0.5.2 - HTTP Response Splitting
SnipSnap 0.5.2 - HTTP Response Splitting source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to...
SnipSnap 0.5.2 - HTTP Response Splitting
source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to manipulate how POST requests are handled...
CVE-2004-2028
Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...