Phorum 5.2.18 - '/admin/index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Phorum 5.2.18 - adminindex.php Cross-Site Scripting

Phorum 5.2.18 - adminindex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

WordPress Theme RedLine 1.65 - s Cross-Site Scripting

WordPress Theme RedLine 1.65 - s Cross-Site Scripting source: https://www.securityfocus.com/bid/49880/info The RedLine theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Joomla! < 1.7.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/49853/info Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

MyNews 1.2 'basepath' Parameter Multiple Remote File Include Vulnerabilities

MyNews 1.2 is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user- supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web server...

Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/49864/info Bitweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Digital College 'basepath' Parameter Multiple Remote File Include Vulnerabilities

Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web...

WordPress Theme EvoLve 1.2.5 - 's' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49872/info The EvoLve theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

Digital College <= 1.1 Multiple RFI Vulnerabilities - Active Check

Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities

Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/49787/info Adobe ColdFusion is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit...

WordPress BuddyPress Plugin 1.2.10 - HTML Injection Vulnerability

BuddyPress plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal cookie-based authenticati...

S9Y Serendipity Freetag-plugin 3.23 - &#039;serendipity[tagview]&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/49771/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

S9Y Serendipity Freetag-plugin 3.23 - serendipity[tagview] Cross-Site Scripting

S9Y Serendipity Freetag-plugin 3.23 - serendipitytagview Cross-Site Scripting source: https://www.securityfocus.com/bid/49771/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage thi...

WordPress Regular Subscriber Plugin 3.1.x - HTML Injection Vulnerability

WordPress Regular Subscriber plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal...

WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection

WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 WordPress 3.1.4 - Regular Subscriber HTML Injection source: https://www.securityfocus.com/bid/49765/info Multiple products are prone to an HTML-injection vulnerability because they fail to sufficiently sanitize user-supplied...

WordPress Theme Web Minimalist 1.1 - index.php Cross-Site Scripting

WordPress Theme Web Minimalist 1.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/49874/info The Web Minimalist theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

WordPress Theme Trending 0.1 - cpage Cross-Site Scripting

WordPress Theme Trending 0.1 - cpage Cross-Site Scripting source: https://www.securityfocus.com/bid/49896/info The Trending theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...

WordPress Theme F8 Lite 4.2.1 - &#039;s&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/49867/info The F8 Lite theme for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

WordPress Theme Trending 0.1 - &#039;cpage&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/49896/info The Trending theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

WordPress Theme Cover WP 1.6.5 - s Cross-Site Scripting

WordPress Theme Cover WP 1.6.5 - s Cross-Site Scripting source: https://www.securityfocus.com/bid/49873/info The Cover WP theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...