Event Calender PHP - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/54455/info Event Calender PHP is prone to multiple input validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based authentication credentials, compromise the application, acce...

web@all - 'name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54466/info web@all is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Kajona - getAllPassedParams() Multiple Cross-Site Scripting Vulnerabilities

Kajona - getAllPassedParams Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54391/info Kajona is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...

Microsoft SharePoint CVE-2012-1863 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Flogr - tag Multiple Cross-Site Scripting Vulnerabilities

Flogr - tag Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54354/info Flogr is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

WordPress Plugin church_admin - id Cross-Site Scripting

WordPress Plugin churchadmin - id Cross-Site Scripting source: https://www.securityfocus.com/bid/54329/info The churchadmin plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execu...

WordPress Plugin church_admin - 'id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54329/info The churchadmin plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting

source: https://www.securityfocus.com/bid/54330/info Knews Multilingual Newsletters for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Plugin SocialFit - 'msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54320/info SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

FreeBSD : typo3 -- XSS Vulnerability in TYPO3 Core (c28ee9cd-916e-4dcf-8ed3-e97e5846db6c)

Typo3 Security Report TYPO3-CORE-SA-2012-003 : TYPO3 bundles and uses an external JavaScript and Flash Upload Library called swfupload. TYPO3 can be configured to use this Flash uploader. Input passed via the 'movieName' parameter to swfupload.swf is not properly sanitised before being used in a...

WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54332/info PHPFreeChat is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

WordPress Plugin PHPFreeChat - url Cross-Site Scripting

WordPress Plugin PHPFreeChat - url Cross-Site Scripting source: https://www.securityfocus.com/bid/54332/info PHPFreeChat is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

WordPress Plugin custom tables - key Cross-Site Scripting

WordPress Plugin custom tables - key Cross-Site Scripting source: https://www.securityfocus.com/bid/54326/info WordPress custom tables plugin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

SWFupload - 'movieName' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54245/info SWFUpload is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

SWFupload - movieName Cross-Site Scripting

SWFupload - movieName Cross-Site Scripting source: https://www.securityfocus.com/bid/54245/info SWFUpload is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/54235/info TEMENOS T24 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities

TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54235/info TEMENOS T24 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Oracle iPlanet Web Server 7.0.x < 7.0.15 Multiple Vulnerabilities

According to its self-reported version, the Oracle iPlanet Web Server formerly Sun Java System Web Server running on the remote host is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting vulnerabilities exist due to parameter...

Schoolhos CMS - HTML Injection

Schoolhos CMS - HTML Injection source: https://www.securityfocus.com/bid/54204/info Schoolhos CMS is prone to an arbitrary file-upload vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could exploit these issues to...

Opera Web Browser 11.65之前版本多个漏洞

BUGTRAQ ID: 54011 Opera为来自挪威的一个浏览器。 Opera Web Browser 11.65之前版本在实现上存在多个漏洞，攻击者可利用这些漏洞执行任意脚本代码，泄露敏感信息或欺骗可信站点的原始URL，进行网络钓鱼攻击。 0 Opera Software Opera Web Browser 9.x Opera Software Opera Web Browser 11.x Opera Software Opera Web Browser 10.x 厂商补丁： Opera Software --------------...