Thwboard Beta 2.8 - 'misc.php?userid' SQL Injection

source: https://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of user-supplied input. A remote...

Microsoft Exchange Server Outlook Web Access HTML Injection Vulnerability

Description Outlook Web Access is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the affected application of an unsuspecting user in...

OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution

Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution source: https://www.securityfocus.com/bid/12097/info WPKontakt is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable...