PHP Address Book - 'group' Cross-Site Scripting
source: https://www.securityfocus.com/bid/56937/info PHP Address Book is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin Video Lead Form - 'errMsg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/56737/info The Video Lead Form plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TomatoCart 'json.php' Directory Traversal Vulnerability
TomatoCart is prone to a directory traversal vulnerability.
Joomla! Component com_quiz - SQL Injection
source: https://www.securityfocus.com/bid/56338/info The Quiz component for Joomla! is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the...
Gramophone - 'rs' Cross-Site Scripting
source: https://www.securityfocus.com/bid/56299/info Gramophone is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Amateur Photographer's Image Gallery - 'plist.php?albumid' SQL Injection
source: https://www.securityfocus.com/bid/56110/info Amateur Photographer's Image Gallery is prone to multiple SQL injection vulnerabilities, a cross-site scripting vulnerability, and an arbitrary file-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied...
Amateur Photographers Image Gallery - force-download.php?File Information Disclosure
source: https://www.securityfocus.com/bid/56110/info Amateur Photographer's Image Gallery is prone to multiple SQL injection vulnerabilities, a cross-site scripting vulnerability, and an arbitrary file-disclosure...
WordPress Plugin Wordfence Security - Cross-Site Scripting
source: https://www.securityfocus.com/bid/56159/info The Wordfence Security plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this iss...
WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/56090/info The Slideshow plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
WANem - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/56326/info WANem is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
WordPress Plugin Crayon Syntax Highlighter - wp_load Remote File Inclusion
source: https://www.securityfocus.com/bid/55919/info The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input...
WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion
source: https://www.securityfocus.com/bid/55919/info The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive...
ZenPhoto - admin-news-articles.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/55755/info Zenphoto is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/55755/info Zenphoto is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affect...
WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/55749/info The Akismet plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
WordPress Akismet Plugin - Multiple Cross Site Scripting Vulnerabilities
The WordPress Akismet plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal cookie-based...
WordPress Plugin ABC Test - id Cross-Site Scripting
source: https://www.securityfocus.com/bid/55689/info The ABC Test plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
WordPress Plugin MF Gig Calendar - Cross-Site Scripting
source: https://www.securityfocus.com/bid/55622/info The MF Gig Calendar plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
Poweradmin - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/55619/info Poweradmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Poweradmin - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/55619/info Poweradmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...