DEBIAN-CVE-2014-4945

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic 1 mailbox or 2 message view...

CVE-2014-4946

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...

UBUNTU-CVE-2014-4946

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...

PT-2014-3413 · D Link · D-Link Dir-645 Router

Name of the Vulnerable Software and Affected Versions: D-Link DIR-645 Router Rev. A1 with firmware prior to 1.04B11 Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the deviceid parameter to the "parentalcontrols/bind.php" endpoint, t...

DEBIAN-CVE-2014-4002

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...

TRG News 3.0 Script Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12855/info A remote file include vulnerability affects TRG News. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical functionality. Remote...

MTP Guestbook 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Guestbook allows you to put a guestbook on your website. Your visitors can sign it and leave a...

Artmedic Newsletter 4.1 Log.PHP Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18047/info Artmedic Newsletter is prone to a remote PHP code-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to creat...

acontent 1.1 - Multiple Vulnerabilities

No description provided by source. AContent 1.1 Multiple SQL Injection Vulnerabilities Vendor: ATutor Inclusive Design Institute Product web page: http://www.atutor.ca Affected version: 1.1 build r296 Summary: AContent is an open source learning content authoring system and respository used to...

MTP Image Gallery 1.0 (edit_photos.php, title param) - XSS Vulnerability

No description provided by source. ?!-- MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Image Gallery offers more control, better uploading and enhanced performance. With MTP Image...

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

No description provided by source. Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300...

Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12097/info WPKontakt is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable computer, which may lead to...

PHPLib Team PHPLIB 7.2 - Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility...

The Includer 1.0/1.1 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12926/info The Includer is reported prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote script through an affected parameter. An attacker...

ImgSvr 0.6.21 Error Message Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27033/info ImgSvr is prone to a remote script-execution vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...

Wordpress Count-per-day plugin Multiple Vulnerabilities

No description provided by source. Exploit Title: Count-per-day Wordpress plugin Arbitrary file download and XSS Version: 3.1.1 Date: 2011-01-12 Author 6Scan http://6scan.com security team Software Link: http://wordpress.org/extend/plugins/count-per-day/ Official fix: This advisory is released...

CVE-2014-2006

Cross-site scripting XSS vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

UBUNTU-CVE-2014-3497

Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...

CVE-2014-3876

Multiple cross-site scripting XSS vulnerabilities in Frams' Fast File EXchange FEX, aka fex before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the 1 akey parameter to rup or 2 disclaimer or 3 gm parameter to fuc...

PYSEC-2014-79

Cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...