6723 matches found
Snorby 'view.html.erb' HTML Injection Vulnerability
Snorby is an open source web application for network security monitoring, built on Ruby on Rails, a web application framework based on the Ruby language. Snorby suffers from an HTML injection vulnerability that could be exploited by an attacker to cause the browser to execute arbitrary HTML or script...
Joomla! Helpdesk Pro plugin cross-site scripting vulnerability
Joomla! is a well-known content management system in foreign countries. Joomla! is a software system developed using the PHP language coupled with a MySQL database, which can be implemented on a variety of different platforms such as Linux, Windows, MacOSX and so on. Helpdesk Pro plugin version...
Zenphoto has multiple unspecified vulnerabilities
ZenPhoto is a compact photo album software with RSS output, FTP upload method, Tag function, comment reply and other features. The following security vulnerabilities exist in versions of Zenphoto prior to 1.4.9, which can be exploited by attackers to take control of the application, access or...
phpLiteAdmin Cross-Site Scripting Vulnerability
phpLiteAdmin is an open-source, web-based SQLite database management tool implemented in PHP and developed by software developer Dane Iracleous. A cross-site scripting vulnerability exists in phpLiteAdmin. When a user browses the affected website, his browser will execute arbitrary script co...
IPython JSON Error Response Cross-Site Scripting Vulnerability
IPython is an enhanced version of Python's native interactive shell. IPython suffers from cross-site scripting vulnerabilities that could be exploited by attackers to execute arbitrary script code in the context of an affected website in a browser without the user's knowledge. This could allow an...
IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04462)
IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects an organization internally and externally, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability exists in...
IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04461)
IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability...
IBM Jazz Team Server Cross-Site Scripting Vulnerability
IBM Jazz Team Server is a suite of project management tools for use in IBM Rational Jazz Team Collaboration Platform from IBM in the United States. A cross-site scripting vulnerability exists in IBM Jazz Team Server that stems from the program's failure to adequately filter user-submitted input...
Cacti vulnerable to cross-site scripting
Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability (CWE-79) due to a flaw in processing parameters in settings.php. Daiki Fukumori of Cyber Defense Institute, Inc. and Masako Ohno reported this vulnerabilit...
WordPress Salem Theme Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress Salem Theme suffers from a cross-site scripting vulnerability due to the program failing to adequately filter user-supplied input. An attacker is allowed ...
IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2015-04371)
IBM Business Process Manager (BPM) is a comprehensive business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM B...
Chamilo LMS HTML Injection Vulnerability
Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from an HTML injection vulnerability that stems fr...
Chamilo LMS Cross-Site Request Forgery Vulnerability
Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from cross-site request forgery vulnerabilities th...
WordPress Ultimate Member 'class.p.php' plugin cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Ultimate Member 'class.p.php' plugin due to the program failing to adequately filter user-supplied inpu...
Multiple Cross-Site Scripting Vulnerabilities in Multiple WordPress Plugins
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in several WordPress plugins due to the program failing to adequately filter user-supplied input. An attacker is...
Drupal Shibboleth authentication module cross-site scripting vulnerability
Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community. Shibboleth Authentication is one of its modules, used for user login and access authentication. A cross-site scripting vulnerability exists in the Drupal Shibboleth authentication...
WordPress Broken Link Checker Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Broken Link Checker plugin. The vulnerability allows attackers to steal cookie-based authentication...
Ruby On Rails Paperclip Cross-Site Scripting Vulnerability
Ruby on Rails (Rails) is an open source web application framework based on the Ruby language, developed and maintained by the Rails core team. Paperclip is an image upload plugin for Rails. Ruby On Rails Paperclip has a cross-site scripting vulnerability. This vulnerability allows an attacker to...
CVE-2015-5371
The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors...
Apple Safari PDF Arbitrary Script Execution Vulnerability
Apple Safari is a popular web browser. A security vulnerability exists in Apple Safari that allows an attacker to construct a malicious URI containing an embedded PDF page and induce a user to visit it, executing arbitrary script code in the context of the target user...