PivotX 2.3.2 - ajaxhelper.php Cross-Site Scripting

PivotX 2.3.2 - ajaxhelper.php Cross-Site Scripting source: https://www.securityfocus.com/bid/53434/info PivotX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

iGuard Security Access Control Cross Site Scripting Vulnerability

iGuard Security Access Control is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input in the embedded web server. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

Linksys WRT54GL Wireless Router - Cross-Site Request Forgery

Linksys WRT54GL Wireless Router - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/53427/info The Linksys WRT54GL router is prone to a cross-site request-forgery vulnerability. Successful exploits may allow attackers to run privileged commands on the affected device, change...

Ramui Forum Script - 'query' Cross-Site Scripting

source: https://www.securityfocus.com/bid/53411/info Ramui Forum Script is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting

iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting source: https://www.securityfocus.com/bid/53355/info iGuard Security Access Control is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input in the embedded web server...

WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS

WordPress Zingiri Web Shop plugin is prone to persistent cross-site scripting vulnerabilities. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3...

MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures

MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multip...

MySQLDumper 1.24.4 - &#039;install.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multiple cross-site request-forgery vulnerabilities. 4. Multiple...

gpEasy 2.3.3 - jsoncallback Cross-Site Scripting

gpEasy 2.3.3 - jsoncallback Cross-Site Scripting source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

gpEasy 2.3.3 - &#039;jsoncallback&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Concrete5 CMS 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/53268/info concrete5 is prone to information-disclosure, SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to harvest sensitive information, compromi...

RealNetworks Helix Server Multiple Remote Vulnerabilities

RealNetworks Helix Server is prone to multiple remote vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

XOOPS 2.5.4 - &#039;/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these...

WordPress Plugin All-in-One Event Calendar 1.4 - &#039;box_publish_button.php?button_value&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting

WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting

Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020)

The version of WebShield UI hosted on the remote web server has a reflected cross-site scripting vulnerability. Input to the 'bodyStyle' parameter of ProcessTextFiles is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...