phpLDAPadmin 1.2.2 - 'base' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51793/info phpLDAPadmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

Unfixed XSS vulnerability at www.hpcalc.org

Security researcher slake, has submitted on 13/01/2012 a cross-site-scripting XSS vulnerability affecting www.hpcalc.org, which at the time of submission ranked 684374 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently...

Priza Israel CMS 0.0.2 Cross Site Scripting / SQL Injection

Exploit Title: Priza Israel Cms SQL Injection / XSS Multiple Vulnerability Date: 2012-01-05 GMT +7 Author: BHG Security Center Software Link: http://www.priza.co.il/ Vendor Responses: They didn't respond to the emails. Dork: intext:"Powered by Priza" Version : 0.0.2 Tested on: ubuntu 11.04 CVE : ...

CVE-2011-4778

CVE-2011-4778 affects Splunk Web in Splunk 4.2.x up to, but not including, 4.2.5. It is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (aka SPL-44614). Impact is remote code execution of scripts within the bro...

Unfixed XSS vulnerability at www.france-horticulture.com

Security researcher Atmon3r, has submitted on 16/12/2011 a cross-site-scripting XSS vulnerability affecting www.france-horticulture.com, which at the time of submission ranked 21420621 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011...

Expinion.Net Member Management System 'REF_URL' Parameter Cross-Site Scripting Vulnerability

The host is running Member Management System and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmembermanagementsystemxssvuln.nasl 5750 2017-03-28 14:10:17Z cfi $ Expinion.Net Member Management System 'REFURL' Parameter Cross-Site Scripting Vulnerability Authors...

CVE-2011-4572

Cross-site scripting XSS vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a file disclosure...

Tinderbox.mozilla.org Cross Site Scripting

Exploit Title: tinderbox.mozilla.org Cross Site Scripting Vulnerability Date: 12/11/2011 - 04:00am Author: Ryuzaki Lawlet Website: http://jusryuz.blogspot.com Tested On: WinXP Platform: - Email: [email protected] $ Vulnerable : http://domains.domain.org/showbuilds.cgi?tree=SeaMonkey&hours= $...

Unfixed XSS vulnerability at ono.sunyconnect.suny.edu

Security researcher JonStockton, has submitted on 11/12/2011 a cross-site-scripting XSS vulnerability affecting ono.sunyconnect.suny.edu, which at the time of submission ranked 30069 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. I...

Unfixed XSS vulnerability at www.murvegetalexterieur.com

Security researcher Atmon3r, has submitted on 11/12/2011 a cross-site-scripting XSS vulnerability affecting www.murvegetalexterieur.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

Unfixed XSS vulnerability at www.mamapedia.com

Security researcher Aleks, has submitted on 15/10/2011 a cross-site-scripting XSS vulnerability affecting www.mamapedia.com, which at the time of submission ranked 11613 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/12/2011. It is currentl...

Microsoft Forefront Unified Access Gateway (CVE-2011-1897) Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because Web Monitor fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Cross-site Scripting Vulnerabilities in Pretty Link WordPress Plugin

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pretty Link WordPress Plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Pretty Link WordPress Plugin 1.1 Input passed via the "mindate" GET...

CVE-2009-5092

Cross-site scripting XSS vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49257/info OneFileCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

phpWebSite - 'page_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49176/info phpWebSite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

CVE-2011-2694

Cross-site scripting XSS vulnerability in the chgpasswd function in web/swat.c in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program aka the user field...

SuSE 11.1 Security Update : flash-player (SAT Patch Number 4666)

This update of flash player fixes a cross-site scripting vulnerability CVE-2011-2107. For further details please refer to http://www.adobe.com/support/security/bulletins/apsb11-13.html . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

CVE-2011-1157

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...

Unfixed XSS vulnerability at dutyfreehosting.com

Security researcher db, has submitted on 04/01/2011 a cross-site-scripting XSS vulnerability affecting dutyfreehosting.com, which at the time of submission ranked 911435 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currentl...