6238 matches found
Looking Glass - Cross-Site Scripting
Looking Glass - Cross-Site Scripting source: https://www.securityfocus.com/bid/14680/info Looking Glass is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Other attacks are also...
AutoIndex PHP Script 1.5.2 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14154/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
CVE-2005-2074
Cross-site scripting XSS vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the 1 newsbody, 2 articledescription, or 3 articlebody parameters to submit.php...
CVE-2005-1909
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting XSS vulnerability...
CartWIZ 1.10 - 'searchresults.asp' Name Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13343/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
source: https://www.securityfocus.com/bid/13305/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/13256/info source: https://www.securityfocus.com/bid/13257/info source: https://www.securityfocus.com/bid/13258/info source: https://www.securityfocus.com/bid/13259/info source:...
MVNForum 1.0 - Search Cross-Site Scripting
MVNForum 1.0 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
MVNForum 1.0 - Search Cross-Site Scripting
source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
CVE-2005-1116
Cross-site scripting XSS vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendarscheduler.php...
RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting
RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/13168/info A remote cross-site scripting vulnerability affects the RSA Security RSA Authentication Agent for Web. This issue is due to a failure of the application to properly saniti...
ASP PortalApp Multiple SQL Injection
The remote host is running ASP PortalApp, a web application software written in ASP. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which could in turn be used to gain administrative access on the remote host. In addition, a path disclosure and...
PHPMyDirectory 10.1.3 - review.php Multiple Cross-Site Scripting Vulnerabilities
PHPMyDirectory 10.1.3 - review.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12900/info phpMyDirectory is prone to a cross-site scripting vulnerability. The problem presents itself when malicious HTML and script code is sent to the application through...
PhotoPost Multiple Vulnerabilities
Binary data 2694.prm...
CVE-2005-0674
Cross-site scripting XSS vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request...
CVE-2005-0641
Cross-site scripting XSS vulnerability in the Reporter for Computer Associates CA Unicenter Asset Management UAM 4.0 allows remote attackers to inject arbitrary HTML or web script via the 1 name or 2 description in a report template...
CVE-2005-0543
Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...
CVE-2005-0495
Cross-site scripting XSS vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the 1 sn1, 2 year, or 3 page parameter to zboard.php or 4 filename to viewimage.php...
CVE-2005-0477
Cross-site scripting XSS vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via 1 a signature file or 2 a message post containing an IMG tag within a COLOR tag whose style is set to background:url...
CVE-2005-0443
index.php in CubeCart 2.0.4 allows remote attackers to 1 obtain the full path for the web server or 2 conduct cross-site scripting XSS attacks via an invalid language parameter, which echoes the parameter in a PHP error message...