6699 matches found
Albinator 2.0.8 - 'dlisting.php?cid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17826/info Albinator is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...
OrbitHYIP 2.0 - 'signup.php?referral' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17766/info OrbitHYIP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
DevBB 1.0 - member.php Cross-Site Scripting
DevBB 1.0 - member.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17703/info DevBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
PhpWebFtp Cross Site Scripting Vulnerability
Summary =============================================== phpWebFTP enables connections to FTP servers, even behind a firewall not allowing traffic. phpWebFTP bypasses the firewall by making a FTP connection from your webserver to the FTP server and transfering the files to your webclient over the...
axoverzicht.CGI - Cross-Site Scripting
source: https://www.securityfocus.com/bid/17584/info The axoverzicht.cgi script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting...
Coppermine 1.4.4 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/17570/info Coppermine is prone to a local file-include vulnerability. This may allow unauthorized users to view files and to execute local scripts. Version 1.4.4 is vulnerable to this issue; other versions may also be affected...
PHPFaber TopSites - index.php Cross-Site Scripting
PHPFaber TopSites - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17542/info phpFaber TopSites is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
JVN#35274905 FreeStyleWiki cross-site scripting vulnerability
Impact An rbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected FreeStyleWiki 3.5.10 and earlier...
LifeType 1.0.3 - index.php Cross-Site Scripting
LifeType 1.0.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17529/info LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...
JetPhoto 1.02.02.1 - gallery.php?page Cross-Site Scripting
JetPhoto 1.02.02.1 - gallery.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...
SKForum 1.x - planning.View.action?time Cross-Site Scripting
SKForum 1.x - planning.View.action?time Cross-Site Scripting source: https://www.securityfocus.com/bid/17389/info SKForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
SKForum 1.x - user.View.action?userID Cross-Site Scripting
SKForum 1.x - user.View.action?userID Cross-Site Scripting source: https://www.securityfocus.com/bid/17389/info SKForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...
Chucky A. Ivey N.T. 1.1 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/17387/info N.T. is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
RedCMS 0.1 - profile.php?u SQL Injection
RedCMS 0.1 - profile.php?u SQL Injection source: https://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...
RedCMS 0.1 - register.php Multiple Cross-Site Scripting Vulnerabilities
RedCMS 0.1 - register.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application...
CoMoblog 1.0 - 'Img.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17201/info CoMoblog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
ShoutLIVE <= 1.1.0 (savesettings.php) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl ShoutLIVE = 1.1.0 Remote Php Code Execution Based on: http://www.frsirt.com/bulletins/4109 Credits: Coded by DarkFig Website: http://disarm.free.fr/bohard/ Greetz: All AcidRoot/Bod members = use IO::Socket; use LWP::Simple; if!$ARGV1headers; print...
MyBloggie 2.1.22.1.3 - delcomment.php Cross-Site Scripting
MyBloggie 2.1.22.1.3 - delcomment.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
MyBloggie 2.1.2/2.1.3 - 'trackback_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
DCP-Portal 3.74.x5.x6.x - inbox.php Multiple Cross-Site Scripting Vulnerabilities
DCP-Portal 3.74.x5.x6.x - inbox.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inpu...