Joomla! cross-site scripting vulnerability

Overview Joomla!, an open source content management system, contains a cross-site scripting vulnerability. This vulnerability is different from JVN79484135. Impact An arbitrary script may be executed on the user's web browser. If session information in a cookie is leaked, an attacker could possib...

Wiki clone cross-site scripting vulnerability

Overview Some Wiki clones contain a vulnerability which could lead to cross-site scripting in their file attachment function. This could allow an attacker to execute an arbitrary script on the browser of a Wiki user. Impact An arbitrary script may be executed on the browser of the user who viewed...

w3ml cross-site scripting vulnerability

Overview w3ml, a program used to display mailing list logs on the web site, contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the user's web browser which may allow an attacker to steal cookie information. Solution None...

mod_imap cross-site scripting vulnerability

Overview The "modimap" and "modimagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing. modimap and modimagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle...

BBSNote cross-site scripting vulnerability

Overview BBSNote, CGI bulletin board script, contains a cross-site scripting vulnerability due to improper handling of CGI arguments. Impact A malicious script may be executed on the user's web browser. Solution None...

osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29055/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...

Chicomas 2.0.4 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29025/info ChiCoMaS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting Vulnerability

CoronaMatrix phpAddressBook 2.0 'username' Cross Site Scripting Vulnerability. CVE-2008-6646. Webapps exploit for php platform source: http://www.securityfocus.com/bid/29005/info phpAddressBook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied...

URLStreet 1.0 - seeurl.php Multiple Cross-Site Scripting Vulnerabilities

URLStreet 1.0 - seeurl.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28650/info URLStreet is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these...

mcGallery 1.1 - show.php?lang Cross-Site Scripting

mcGallery 1.1 - show.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary scri...

mcGallery 1.1 - 'show.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

mcGallery 1.1 - 'sess.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

@lex Guestbook 4.0.5 - 'setup.php?language_setup' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28519/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

JVN#76669770 PerlMailer cross-site scripting vulnerability

PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in PerlMailer. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/28217/info Uberghey CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute arbitrary loca...

GLSA-200803-09 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-09 Opera: Multiple vulnerabilities Mozilla discovered that Opera does not handle input to file form fields properly, allowing scripts to manipulate the file path CVE-2008-1080. Max Leonov found out that image comments might...

JVN#95014590 Zimbra Collaboration Suite script execution vulnerability

Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book, webmail, and other functions. Zimbra Collaboration Suite 4.0.3 and 4.5.6 contain a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact If a us...

Opera browser multiple security vulnerabilities

Information leakage on form file upload, images comments scrip execution , DOM sanitization filters bypass...

CVE-2008-1081

Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...

openSUSE 10 Security Update : opera (opera-5028)

This is a version update for Opera to version 9.26 to fix : - Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. - Image properties can no longer be used to execute scripts, as reported by Max Leonov. - Fixed an issue where the...