EveryAuction 1.53 - Auction.pl Cross-Site Scripting

source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an unsuspecting user in the context of t...

PHP JackKnife 2.21 - Cross-Site Scripting

source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

PHP JackKnife 2.21 - Cross-Site Scripting

PHP JackKnife 2.21 - Cross-Site Scripting source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

EveryAuction 1.53 - Auction.pl Cross-Site Scripting

EveryAuction 1.53 - Auction.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the...

CF_Nuke 4.6 - index.cfm Cross-Site Scripting

CFNuke 4.6 - index.cfm Cross-Site Scripting source: https://www.securityfocus.com/bid/15778/info CFNuke is prone to multiple cross-site scripting vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script...

MilliScripts 1.4 - register.php Cross-Site Scripting

MilliScripts 1.4 - register.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15792/info MilliScripts is prone to a cross-site scripting vulnerability. This is due to a lack of proper input validation. An attacker may leverage this issue to have arbitrary script code executed in...

MilliScripts 1.4 - 'register.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15792/info MilliScripts is prone to a cross-site scripting vulnerability. This is due to a lack of proper input validation. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of...

CF_Nuke 4.6 - 'index.cfm' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15778/info CFNuke is prone to multiple cross-site scripting vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...

Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15705/info Easy Search System is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the...

phpMyChat0146.txt

phpMyChat Multiple XSS vulnerabilities. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use multi-room chat based on PHP and a database, supporting MySQL, PostgreSQL, and ODBC. II. DESCRIPTION phpMyChat 0.14.6 startpage.css.php, style.css.php, userspopupL.php are prone to Cross-site...

SiteBeater News 4.0 - 'Archive.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15697/info SiteBeater News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Solupress News 1.0 - search.asp Cross-Site Scripting

Solupress News 1.0 - search.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15695/info Solupress News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issu...

PHPPost 1.0 - 'mail.php?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

ASPKnowledgebase vulnerable to XSS injection.

ASPKnowledgebase, by www.asp-programmers.com is vulnerable to XSS in some of it's input fields. If you compromise it's logon, to gain administrative privileges as my previous advisory describes - you can inject the admin form-fields with XSS. This will result in automatic execution of script when...

Simple PHP Blog 0.4 - preview_cgi.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - previewcgi.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

VUBB - index.php Cross-Site Scripting

VUBB - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15260/info VUBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

FlatNuke 2.5.x - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15176/info FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

PHP-Nuke Search Enhanced Module 1.12.0 - HTML Injection

PHP-Nuke Search Enhanced Module 1.12.0 - HTML Injection source: https://www.securityfocus.com/bid/15218/info Search Enhanced module for is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in...

Chipmunk Directory - 'recommend.php?entryID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15149/info Chipmunk products are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

MySource 2.14 - 'Socket.php?PEAR_PATH' Remote File Inclusion

source: https://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary...