WordPress Flashnews Theme - Multiple Input Validation Vulnerabilities

This Flashnews theme is prone to multiple input-validation vulnerabilities. An attacker to disclose sensitive information, execute arbitrary script code in the browser, cause denial-of-service conditions or steal cookie-based authentication credentials. Other attacks are also possible. Solution...

WordPress Plugin Audio Player - playerID Cross-Site Scripting

WordPress Plugin Audio Player - playerID Cross-Site Scripting source: https://www.securityfocus.com/bid/57848/info The Audio Player plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue ...

WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/57848/info The Audio Player plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Plugin WP-Table Reloaded - id Cross-Site Scripting

WordPress Plugin WP-Table Reloaded - id Cross-Site Scripting source: https://www.securityfocus.com/bid/57664/info The WP-Table Reloaded plugin for WordPress is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Theme Chocolate WP - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/57541/info The Chocolate WP Theme for WordPress is prone to multiple security vulnerabilities. An attacker may leverage these issues to cause denial-of-service conditions, upload arbitrary files to the affected computer, or execute arbitrary script code i...

WordPress Chocolate Theme - Multiple Security Vulnerabilities

The Chocolate Theme is prone to multiple security vulnerabilities. These vulnerabilities allow an attacker to cause denial-of-service conditions, execute arbitrary script code in the browser of an user in the context of the affected site or upload arbitrary files. Other attacks are also possible...

WordPress Theme Chocolate WP - Multiple Vulnerabilities

WordPress Theme Chocolate WP - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/57541/info The Chocolate WP Theme for WordPress is prone to multiple security vulnerabilities. An attacker may leverage these issues to cause denial-of-service conditions, upload arbitrary files to t...

gpEasy CMS - section Cross-Site Scripting

gpEasy CMS - section Cross-Site Scripting source: https://www.securityfocus.com/bid/57522/info gpEasy CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cerberus FTP Server < 5.0.6.0 Multiple XSS

The version of Cerberus FTP server on the remote host is earlier than 5.0.6.0. As such, it is potentially affected by the following cross- site scripting vulnerabilities : - The user-supplied input for fields under administration 'Messages' tab are not validated before being returned to the user....

TinyBrowser /tiny_mce/plugins/tinybrowser/upload.php type Parameter XSS

TinyBrowser /tinymce/plugins/tinybrowser/upload.php type Parameter XSS. Webapps exploit for php platform source: http://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to...

TinyBrowser - &#039;edit.php&#039; Directory Listing

source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

TinyBrowser - edit.php Directory Listing

TinyBrowser - edit.php Directory Listing source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting...

Dell OpenManage Server Administrator - Cross-Site Scripting

Dell OpenManage Server Administrator - Cross-Site Scripting source: https://www.securityfocus.com/bid/57212/info Dell OpenManage Server Administrator is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

tinybrowser - &#039;type&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

WordPress Plugin NextGEN Gallery - &#039;test-head&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/57200/info The NextGEN Gallery plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WHM - filtername Cross-Site Scripting

WHM - filtername Cross-Site Scripting source: https://www.securityfocus.com/bid/57061/info WHM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

cPanel WebHost Manager (WHM) - &#039;/webmail/x3/mail/clientconf.html?acct&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/57060/info cPanel and WHM are prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

cPanel - dir Cross-Site Scripting

cPanel - dir Cross-Site Scripting source: https://www.securityfocus.com/bid/57064/info cPanel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Hero Framework - userslogin Username Cross-Site Scripting

Hero Framework - userslogin Username Cross-Site Scripting source: https://www.securityfocus.com/bid/57035/info Hero is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker can exploit these vulnerabilities to execute arbitrary script...

Hero Framework - search?q Cross-Site Scripting

Hero Framework - search?q Cross-Site Scripting source: https://www.securityfocus.com/bid/57035/info Hero is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker can exploit these vulnerabilities to execute arbitrary script code in the...