Barracuda Networks IM Firewall Cross-Site Scripting Vulnerability

Barracuda Networks IM Firewall is an instant messaging solution from Barracuda Networks that integrates an IM server, client management and security measures. The solution provides keyword identification and reporting, file transfer, IM traffic identification and logging. A cross-site scripting...

Barracuda Networks IM Firewall HTML Injection Vulnerability

Barracuda Networks IM Firewall is an instant messaging solution from Barracuda Networks that integrates an IM server, client management and security measures. The solution provides keyword identification and reporting, file transfer, IM traffic identification and logging. An HTML injection...

Drupal Open Legislation module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Open Legislation is one of the open database modules. A cross-site scripting vulnerability exists in the Drupal Open Legislation module, which stems from the program's failure to...

TinyWebGallery Cross-Site Scripting Vulnerability

TinyWebGallery TWG is a software developer Michael Dempfle developed a set of open source album based on Ajax, PHP and XML , it provides text and image watermarking , slide show , image uploading and management and other functions . A cross-site scripting vulnerability exists in TWG that stems fr...

Fumy Teacher's Schedule Board vulnerable to cross-site scripting

Overview Fumy Teacher's Schedule Board provided by Nishishi Factory is a CGI program that displays schedules. Fumy Teacher's Schedule Board contains a cross-site scripting vulnerability. OHTA, Yoshinori of Business Architects Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

Cross-site scripting vulnerability in Drupal Webform module

Drupal is a developmental CMF Content Management Framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Webform module. Because the program fails to properly filter user-supplied text, an attacker can exploit the vulnerability to execute arbitrary script...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Site Documentation Module

Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal Site Documentation module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities ...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Image Title Module

Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal Image Title module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities to...

Hulihan Applications Onyx Cross-Site Scripting Vulnerability

Hulihan Applications Onyx is a U.S. Hulihan Applications company based on Ruby on Rails a set of open source Web application framework based on the Ruby language of the open source image library , which provides customized themes , image uploads and image effects and other features . A cross-site...

WordPress Plugin Google Analytics by Yoast 'class-admin.php' HTML Injection Vulnerability

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. An HTML injection vulnerability exists in the WordPress plugin Google Analytics by Yoast 'class-admin.php'. An attacker can exploit the vulnerability to execute...

SUSE-SU-2015:0593-1 Security update for Mozilla Firefox

MozillaFirefox was updated to the 31.5.3ESR release to fix two security vulnerabilities: MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-tim...

Drupal Trick Question module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Trick Question is one of the CAPTCHA type spam defense modules. A cross-site scripting vulnerability exists in the Drupal Trick Question module. The vulnerability is due to the program...

BEdita CMS has multiple vulnerabilities

BEdita CMS is a web development framework that provides a full-featured content management system CMS. A cross-site scripting vulnerability and a cross-site request forgery vulnerability exist in BEdita CMS. When a user browses the affected website, his/her browser will execute arbitrary script...

Microsoft Internet Explorer Elevation of Privilege (MS15-018: CVE-2015-1627)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

Multiple Cross-Site Scripting Vulnerabilities in PHP Address Book

PHP Address Book is a simple Web-based address book , contact management application developed in PHP . PHP Address Book suffers from multiple cross-site scripting vulnerabilities that could be exploited by an attacker to execute arbitrary web script or HTML in the context of an affected site...

Loxone Smart Home HTML Injection Vulnerability

Loxone Smart Home is a WEB-based application. Loxone Smart Home suffers from an HTML injection vulnerability that could be exploited by an attacker to execute arbitrary HTML script and code in the context of the affected application...

Maroyaka Image Album vulnerable to cross-site scripting

Overview Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

Maroyaka Simple Board vulnerable to cross-site scripting

Overview Maroyaka Simple Board provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Simple Board contains a persistent cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securi...

Multiple Cross-Site Scripting Vulnerabilities in Cisco Security Manager

Cisco Security Manager centralizes the task of configuring policies and controls for Cisco security deployments, enabling efficient management of enterprise-level security. Cisco Security Manager has multiple cross-site scripting vulnerabilities due to the program failing to properly filter...

Drupal inLinks Integration Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. inLinks Integration is one of the modules that sells goods through backlinks. A cross-site scripting vulnerability exists in the Drupal inLinks Integration module due to the program's...