Microsoft Internet Explorer 6.0 Script Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8577/info Multiple issues have been reported in Microsoft Internet Explorer. Though these issues have been reported by a reliable source, communication issues have presented difficulty in obtaining details surrounding the...

translucid 1.75 Multiple Vulnerabilities

No description provided by source. transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing li...

Zainu 1.0 'searchSongKeyword' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36701/info Zainu is prone to a cross-site scripting vulnerability in the Contact module because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

MegaBook 2.0/2.1 Admin.CGI EntryID Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13522/info MegaBook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

Microsoft Outlook 5.5/2000 Web Access HTML Attachment Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8113/info OWA contains a vulnerability that may result in attacker-supplied script code executing within the context of the mail interface when processing e-mail containing HTML message attachments. It is possible to...

Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability

... FrontPage Server Extensions为FrontPage服务扩展，与IIS一起使用可以方便的支持管理、创建以及浏览FrontPage扩展的网站。 ... FrontPage Server Extensions对HTML页面的处理存在输入验证漏洞，远程攻击者可能在客户机器上执行任意脚本代码。 ... FrontPage Server Extensions的fpadmdll.dll中的一些参数没有正确的过滤返回给用户的特定输入，导致跨站脚本问题，可能允许攻击者以当前会话权限以客户机的浏览器中执行恶意脚本代码，利用这个漏洞必须用户交互。...

Forum 5 PM.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18967/info Forum 5 is prone to a local file-include vulnerability. The application fails to sanitize user input when executing the script. In particular the script fails to check for the presence of a directory-traversal...

All Enthusiast PhotoPost PHP Pro 5.0 adm-photo.php Arbitrary Image Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/12779/info PhotoPost PHP Pro is a web-based image gallery application written in PHP. It can be implemented on any platform that supports PHP script execution. Multiple remote vulnerabilities affect All Enthusiast PhotoPo...

RedCMS 0.1 register.php Multiple Field XSS

No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...

Celoxis Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31514/info Celoxis is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser...

n-cms-equipe 1.1c.Debug Multiple Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/39298/info n-cms-equipe is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive...

MyBulletinBoard 1.0 Forumdisplay.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14754/info MyBulletinBoard is prone to a cross-site scripting vulnerability. This is due to a lack of proper sanitization of user-supplied input to the application. An attacker may leverage this issue to have arbitrary...

Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script User IP Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

Tlen.pl 5.23.4 .1 Instant Messenger Remote Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12050/info Tlen.pl is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable computer, which may lead to...

Cruiseworks 1.09 Cws.exe Doc Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20699/info Cruiseworks is prone to a remote buffer-overflow vulnerability. Specifically, the application fails to validate input passed to the 'doc' parameter of the '/scripts/cruise/cms.exe' application. Cruiseworks 1.09...

Spyce 2.1.3 spyce/examples/getpost.spy Name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...

MilliScripts 1.4 Register.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15792/info MilliScripts is prone to a cross-site scripting vulnerability. This is due to a lack of proper input validation. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

PostBoard 2.0 Topic Title Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4561/info PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems. PostBoard does not adequately sanitiz...

Spyce 2.1.3 spyce/examples/automaton.spy Direct Request Error Message Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...

AbleDating 2.4 - search_results.php keyword Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29342/info AbleDating is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include an SQL-injection vulnerability and a cross-site scripting...