6699 matches found
TikiWiki cross-site scripting vulnerability
Overview TikiWiki, one of Wiki clones, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...
Wiki clone cross-site scripting vulnerability
Overview Some Wiki clones contain a vulnerability which could lead to cross-site scripting in their file attachment function. This could allow an attacker to execute an arbitrary script on the browser of a Wiki user. Impact An arbitrary script may be executed on the browser of the user who viewed...
Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page
Overview When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if th...
JP1/Cm2/Network Node Manager vulnerable to cross-site scripting
Overview Hitachi JP1/Cm2/Network Node Manager NNM is vulnerable to cross-site scripting. Hitachi JP1/Cm2/Network Node Manager NNM is software that helps a network administrator manage network configurations, faults, and other elements. Hitachi NNM is vulnerable to cross-site scripting. Impact An...
Google Web Toolkit vulnerable to cross-site scripting
Overview Google Web Toolkit GWT is vulnerable to cross-site scripting. Google Web Toolkit GWT is an open source software development framework that allows web developers to create Ajax applications in Java. The benchmark reporting system in GWT is vulnerable to cross-site scripting. Impact An...
SugarCRM cross-site scripting vulnerability
Overview SugarCRM, an open source CRM Customer Relationship Management package, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct...
Joomla! cross-site scripting vulnerability
Overview Joomla!, an open source content management system, contains a cross-site scripting vulnerability. This vulnerability is different from JVN79484135. Impact An arbitrary script may be executed on the user's web browser. If session information in a cookie is leaked, an attacker could possib...
Meneame cross-site scripting vulnerability
Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...
sHTTPd cross-site scripting vulnerability
Overview sHTTPd, from Uchu Ninja Neko-dan, contains a cross-site scripting vulnerability. sHTTPd from Uchu Ninja Neko-dan is a web server for Windows. sHTTPd contains a cross-site scripting vunerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...
WebCart cross-site scripting vulnerability
Overview WebCart, provided by CGI's, contains a cross-site scripting vulnerability. WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...
Nagios cross-site scripting vulnerability
Overview Nagios from Nagios.org contains a cross-site scripting vulnerability. Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser...
CGI RESCUE WebFORM vulnerable to cross-site scripting
Overview WebFORM, released from CGI RESCUE, is a CGI script written in perl that allows a user to send email messages via a HTML form. WebFORM contains a cross-site scripting vulnerability. Impact An abitrary script may be executed on the user's web browser. Solution None...
Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting
Overview Fulltext search CGI from futomi's CGI Cafe contains a cross-site scripting vulnerability. Fulltext search CGI, website search software from futomi's CGI Cafe, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...
Mozilla Firefox cross-site scripting vulnerability
Overview Mozilla Firefox, web browser from Mozilla Corporation and Mozilla Japan, contains a cross-site scripting vulnerability. Mozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability. Impact An...
Internet Explorer vulnerable in MHTML handling
Overview Internet Explorer is vulnerable in handling MHTML MIME Encapsulation of Aggregate HTML protocol, which allows an arbitrary script execution. When Internet Explorer accesses a website with the MHTML protocol, Internet Explorer processes the contents as MHTML data, ignoring their actual...
Lotus Domino cross-site scripting vulnerability
Overview IBM Lotus Domino contains a cross-site scripting vulnerability. IBM Lotus Domino is server software for Lotus Notes, groupware from IBM. Lotus Domino contains a cross-site scripting vulnerability. Impact An attacker could execute an arbitrary script on the web browser of a user who...
Loudblog cross-site scripting vulnerability
Overview Loudblog, an open source content management system used for podcasting, etc., contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly condust session...
MDPro cross-site scripting vulnerability
Overview MDPro, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solutio...
Movable Type cross-site scripting vulnerability
Overview Movable Type, a web log system from Six Apart, contains a cross-site scripting vulnerability. This vulnerability is different from JVN68295640. Impact An arbitrary script could be executed on the user's web browser or the display of a web page could be falsified. In addition, an attacker...
Trac cross-site scripting vulnerability
Overview Trac is a project management tool from Edgewall Software. InterAct Corp. provides a localized version of Trac in Japan. Trac wiki engine contains a cross-site scripting vulnerability which affects Microsoft Internet Explorer. Impact A remote attacker could possibly execute an arbitrary...