Sphpblog 0.8 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/21129/info Sphpblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in...
LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modif...
PHPMyChat Plus 1.9 - Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/20972/info phpMyChat is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an unauthorized user to view file...
PHPMyChat 0.140.15 - Languages.Lib.php Local File Inclusion
source: https://www.securityfocus.com/bid/20962/info phpMyChat is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files a...
AIOCP 1.3.x - 'cp_users_online.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20931/info All In One Control Panel (AIOCP) is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...
JVN#88325166 Hyper NIKKI System cross-site scripting vulnerability
Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected hns-2.190.8 hns-lite-2.190.8 and earlier...
Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
Security Advisory. Issue: Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun". Discovered Date: 25/09/2006. Author: Tal Argoni, LegendaryZion. talargoni at gmail.com. Product Vendor: http://www.sun.com/ Details: iPlanet Messaging Server Messenger Expres...
H-Sphere WebShell 2.x - login.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/20532/info H-Sphere WebShell is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
Debian DSA-1133-1 : mantis - missing input sanitising
Several remote vulnerabilities have been discovered in the Mantis bug tracking system, which may lead to the execution of arbitrary web script. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2006-0664: A cross-site scripting vulnerability was discovered ...
osCommerce 2.2 - adminzones.php?page Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in...
osCommerce 2.2 - adminreviews.php?page Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user i...
BirdBlog 1.x - 'comment.php?entryid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20202/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...
mysource 2.14.82.16 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct...
Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution
source: https://www.securityfocus.com/bid/20138/info Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). An attacker can exploit this issue to execute arbitrary script...
BandSite CMS 1.1 - 'footer.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...
Apple QuickTime Plug-In Arbitrary Script Execution Weakness
Description: Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). An attacker can exploit this issue to execute arbitrary script code in the context of the affected application and load local content in a user's browser. Althoug...
PT News 1.7.8 - search.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/20090/info PT News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have arbitrary script code execute in the...
MyBulletinBoard 1.x UserCP.PHP Cross-Site Scripting Vulnerability
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/19193/info MyBulletinBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
Microsoft Internet Explorer 6 - Internet.HHCtrl Heap Overflow
// MoBB Demonstration function Demo var a = new ActiveXObject"Internet.HHCtrl.1"; var b = unescape"XXXX"; while b.length Clicking the button below may crash your browser! milw0rm.com 2006-07-07...
JVN#44846612 ATutor cross-site scripting vulnerability
Impact An arbitrary script may be executed on the user's web browser. Authentication information could be stolen as a result. Solution Products Affected ATutor 1.5.3 RC2 and earlier...