Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28518/info Jax LinkLists is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

Joomla MS Comment Component 0.8.0b Security Bypass and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38250/info The MS Comment component for Joomla! is prone to a security-bypass vulnerability because it fails to properly sanitize user-supplied input. The component is also prone to a security-bypass vulnerability because...

Thwboard Beta 2.8 calendar.php year Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...

Grayscale BandSite CMS 1.1 footer.php this_year Parameter XSS

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-82196' vul ID version = '1' author = 'fenghh' vulDate =...

XMB Forum 1.8 BBcode align Tag XSS

No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...

Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28034/info Juniper Networks Secure Access 2000 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

NPDS 4.8 News Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user view...

AutoIndex PHP Script 2.2.2 PHP_SELF Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

EveryAuction 1.53 Auction.PL Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an...

URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28650/info URLStreet is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code...

PWSPHP 1.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13561/info PwsPHP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Thomson SpeedTouch 716 URL Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26808/info Thomson SpeedTouch 716 is prone to a cross-site scripting vulnerability because the device fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Php-Stats 0.1.9.2 Tracking.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25674/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

phpFreeChat 1.1 'demo21_with_hardocded_urls.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30292/info phpFreeChat is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

mysource 2.14.8/2.16 - Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct cross-site...

FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the...

Grayscale BandSite CMS 1.1 interview_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

AwesomeTemplateEngine 1 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27125/info AwesomeTemplateEngine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Active Calendar 1.2 data/y_3.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...