RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41551/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Mac's CMS 1.1.4 - 'SearchString' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41529/info Mac's CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41548/info FireStats is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...

osCSS 1.2.2 - page Cross-Site Scripting

osCSS 1.2.2 - page Cross-Site Scripting source: https://www.securityfocus.com/bid/41510/info osCSS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities

Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41453/info Worxware DCP-Portal is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...

NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)

source: https://www.securityfocus.com/bid/41401/info NTSOFT BBS E-Market Professional is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Orbis CMS 1.0.2 - editor-body.php Cross-Site Scripting

Orbis CMS 1.0.2 - editor-body.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41390/info Orbis CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Orbis CMS 1.0.2 - 'editor-body.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41390/info Orbis CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Flatnux 2010-06.09 - find Cross-Site Scripting

Flatnux 2010-06.09 - find Cross-Site Scripting source: https://www.securityfocus.com/bid/41282/info Flatnux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS

The version of Microsoft SharePoint Services running on the remote host has a cross-site scripting vulnerability. Input sent to the 'cid0' parameter of '/layouts/help.aspx' is not properly sanitized. A remote attacker could exploit this by tricking a user into making a malicious request, resultin...

TornadoStore 1.4.3 - SQL Injection HTML Injection

TornadoStore 1.4.3 - SQL Injection HTML Injection source: https://www.securityfocus.com/bid/41233/info TornadoStore is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues t...

Ceica-GW - login.php Cross-Site Scripting

Ceica-GW - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40917/info Ceica-GW is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Limny 2.1 - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41152/info Limny is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/41043/info SoftComplex PHP Event Calendar is prone to multiple remote security vulnerabilities including cross-site scripting, HTML-injection, directory-traversal, and cross-site request-forgery issues. Attackers can exploit these issues to obtain sensiti...

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities

SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/41043/info SoftComplex PHP Event Calendar is prone to multiple remote security vulnerabilities including cross-site scripting, HTML-injection, directory-traversal, and cross-site...

IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting

IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting source: https://www.securityfocus.com/bid/41030/info IBM WebSphere ILOG JRules is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Sigmer Technologies Scribe CMS - copy_folder.php Cross-Site Scripting

Sigmer Technologies Scribe CMS - copyfolder.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41000/info Sigmer Technologies Scribe CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may...

osCMax 2.0 - articles.php Cross-Site Scripting

osCMax 2.0 - articles.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40998/info osCmax is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

Apache Tomcat 4.x < 4.1.39 Multiple Vulnerabilities

According to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.39. It is, therefore, affected by one or more of the following vulnerabilities : - If the remote Apache Tomcat install is configured to use the SingleSignOn Valve, the...

Microsoft Excel Embedded Shockwave Flash Object Code Execution (MS06-069; CVE-2006-3014)

Microsoft Excel is a popular spreadsheet application that is usually released as a part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulas, and various data sources. The common extension used for Microsoft Excel documents is .xls. A...