Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities

Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/48132/info BLOG:CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...

Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48118/info Squiz Matrix is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48110/info Multiple WordPress WooThemes Live Wire are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Nakid CMS 1.0.2 - CKEditorFuncNum Cross-Site Scripting

Nakid CMS 1.0.2 - CKEditorFuncNum Cross-Site Scripting source: https://www.securityfocus.com/bid/48109/info Nakid CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code...

Nakid CMS 1.0.2 - 'CKEditorFuncNum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48109/info Nakid CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

vBulletin vBExperience 3 - sortorder Cross-Site Scripting

vBulletin vBExperience 3 - sortorder Cross-Site Scripting source: https://www.securityfocus.com/bid/48106/info vBulletin vBExperience is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting Multiple SQL Injections

ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting Multiple SQL Injections source: https://www.securityfocus.com/bid/48083/info ARSC Really Simple Chat is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize...

Nagios 3.2.3 - expand Cross-Site Scripting

Nagios 3.2.3 - expand Cross-Site Scripting source: https://www.securityfocus.com/bid/48087/info Nagios is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...

Kentico CMS 5.5R2.23 - userContextMenu_Parameter Cross-Site Scripting

Kentico CMS 5.5R2.23 - userContextMenuParameter Cross-Site Scripting source: https://www.securityfocus.com/bid/48051/info Kentico CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

S9Y Serendipity Freetag-plugin 3.21 - index.php Cross-Site Scripting

S9Y Serendipity Freetag-plugin 3.21 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/48054/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue t...

S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48054/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

BlackBoard Learn 8.0 - 'keywordraw' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48009/info Blackboard Learn is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Kryn.cms 0.9 - _kurl Cross-Site Scripting

Kryn.cms 0.9 - kurl Cross-Site Scripting source: https://www.securityfocus.com/bid/47973/info Kryn.cms is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...

Kryn.cms 0.9 - '_kurl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47973/info Kryn.cms is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47953/info Ajax Chat is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities

phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47951/info phpScheduleIt is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to...

Mailman < 2.1.14 Multiple XSS

According to its self-reported version number, the Mailman installation running on the remote host has multiple cross-site scripting vulnerabilities. These vulnerabilities can reportedly only be exploited by a list owner. A malicious list owner could exploit these issues to execute arbitrary scri...

Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting

Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting source: https://www.securityfocus.com/bid/47903/info Cisco Unified Operations Manager is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacke...

PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/47887/info PHP Calendar Basic is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user...

eFront 3.6.9 - &#039;submitScore.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/47877/info eFront is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...