PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13026/info PHP-Nuke is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...

Ocean12 Membership Manager Pro - Cross-Site Scripting

Ocean12 Membership Manager Pro - Cross-Site Scripting source: https://www.securityfocus.com/bid/13046/info Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/12984/info Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplie...

Alstrasoft EPay Pro 2.0 - Remote File Inclusion

source: https://www.securityfocus.com/bid/12973/info EPay Pro is reported prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'view' parameter. An attacker may leverage this...

UApplication Ublog 1.0.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentia...

CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...

Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12907/info Nuke Bookmarks is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based...

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/12895/info Koobi CMS is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

Interspire ArticleLive 2005 - NewComment Cross-Site Scripting

source: https://www.securityfocus.com/bid/12879/info Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

PHPSysInfo 2.02.3 - sensor_program Cross-Site Scripting

PHPSysInfo 2.02.3 - sensorprogram Cross-Site Scripting source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...

DigitalHive 2.0 - 'msg.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12883/info DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed i...

DigitalHive 2.0 - membres.php?mt Cross-Site Scripting

DigitalHive 2.0 - membres.php?mt Cross-Site Scripting source: https://www.securityfocus.com/bid/12883/info DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

PHPSysInfo 2.0/2.3 - 'sensor_program' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

TRG News 3.0 Script - Remote File Inclusion

TRG News 3.0 Script - Remote File Inclusion source: https://www.securityfocus.com/bid/12855/info A remote file include vulnerability affects TRG News. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical functionality...

CzarNews 1.131.14 - headlines.php Remote File Inclusion

CzarNews 1.131.14 - headlines.php Remote File Inclusion source: https://www.securityfocus.com/bid/12857/info CzarNews is prone to a remote file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of th...

CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting

CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting source: https://www.securityfocus.com/bid/12852/info Multiple remote input validation vulnerabilities affect CoolForum. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carr...

[UNIX] Multiple Vulnerabilities in phpWebLog (Cross Site Scripting, File Inclusion)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate...