Owl cross-site scripting vulnerability

Overview Owl, an open source document management and publishing system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, web pages could be spoofed. Solution...

BBSNote cross-site scripting vulnerability

Overview BBSNote, CGI bulletin board script, contains a cross-site scripting vulnerability due to improper handling of CGI arguments. Impact A malicious script may be executed on the user's web browser. Solution None...

osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29055/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...

Chicomas 2.0.4 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29025/info ChiCoMaS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting Vulnerability

CoronaMatrix phpAddressBook 2.0 'username' Cross Site Scripting Vulnerability. CVE-2008-6646. Webapps exploit for php platform source: http://www.securityfocus.com/bid/29005/info phpAddressBook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied...

URLStreet 1.0 - seeurl.php Multiple Cross-Site Scripting Vulnerabilities

URLStreet 1.0 - seeurl.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28650/info URLStreet is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these...

mcGallery 1.1 - 'show.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

mcGallery 1.1 - show.php?lang Cross-Site Scripting

mcGallery 1.1 - show.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary scri...

mcGallery 1.1 - 'sess.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

@lex Guestbook 4.0.5 - 'setup.php?language_setup' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28519/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

JVN#76669770 PerlMailer cross-site scripting vulnerability

PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in PerlMailer. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/28217/info Uberghey CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute arbitrary loca...

GLSA-200803-09 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-09 Opera: Multiple vulnerabilities Mozilla discovered that Opera does not handle input to file form fields properly, allowing scripts to manipulate the file path CVE-2008-1080. Max Leonov found out that image comments might...

JVN#95014590 Zimbra Collaboration Suite script execution vulnerability

Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book, webmail, and other functions. Zimbra Collaboration Suite 4.0.3 and 4.5.6 contain a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact If a us...

Opera browser multiple security vulnerabilities

Information leakage on form file upload, images comments scrip execution , DOM sanitization filters bypass...

CVE-2008-1081

Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...

openSUSE 10 Security Update : opera (opera-5028)

This is a version update for Opera to version 9.26 to fix : - Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. - Image properties can no longer be used to execute scripts, as reported by Max Leonov. - Fixed an issue where the...

Packeteer PacketShaper and PolicyCenter 8.2.2 - FILELIST Cross-Site Scripting

Packeteer PacketShaper and PolicyCenter 8.2.2 - FILELIST Cross-Site Scripting source: https://www.securityfocus.com/bid/27982/info Packeteer PacketShaper and PolicyCenter are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input data. An...

JVN#54593414 Cross-site scripting vulnerability in multiple Tor World CGI scripts

Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the latest update...

JVN#38893575 PC2M cross-site scripting vulnerability

PC2M is an open source web application which converts web pages and images to be available on web-capable mobile devices such as cellphones and PDAs. PC2M contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser. Solution Update the...