PhreeBooks Multiple HTML-Injection and Local File Include Vulnerabilities

PhreeBooks is prone to multiple local file-include vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view files and execute loca...

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/41664/info Juniper Networks SA2000 SSL VPN appliance is prone to a cross-site scripting vulnerability because the web interface fails to properly sanitize user-supplied input. An...

WordPress Plugin Gigya Socialize 1.0/1.1.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

log1 CMS 2.0 - Session Handling Remote Security Bypass Remote File Inclusion

log1 CMS 2.0 - Session Handling Remote Security Bypass Remote File Inclusion source: https://www.securityfocus.com/bid/40636/info log1 CMS is prone to a security-bypass vulnerability because of a design flaw and a remote file-include vulnerability because it fails to properly sanitize user-suppli...

Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities

Joomla! 1.5.x Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities. CVE-2010-1649. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40444/info Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

PHP-Calendar 'description' and 'lastaction' Cross Site Scripting Vulnerabilities

PHP-Calendar is prone to Cross Site Scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cacti Multiple Cross Site Scripting Vulnerabilities

Cacti is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user- supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allo...

Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass Cross-Site Request Forgery Vulnerabilities

Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/40346/info Cisco DPC2100 formerly Scientific Atlanta DPC2100 is prone to multiple security-bypass and cross-site request-forgery vulnerabilities...

Getsimple CMS 2.01 - 'components.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40374/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40134/info C99Shell is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

gpEasy CMS 1.6.2 - editing_files.php Cross-Site Scripting

gpEasy CMS 1.6.2 - editingfiles.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40330/info gpEasy CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

NPDS REvolution 10.02 - download.php Cross-Site Scripting

NPDS REvolution 10.02 - download.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40227/info NPDS Revolution is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Joomla! Component JComments 2.1 - 'ComntrNam' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40230/info The JComments component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecti...

NPDS REvolution 10.02 - topic Cross-Site Scripting

NPDS REvolution 10.02 - topic Cross-Site Scripting source: https://www.securityfocus.com/bid/40157/info NPDS Revolution is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...

Saurus CMS 4.7 - 'edit.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40059/info Saurus CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

Saurus CMS 4.7 - edit.php Cross-Site Scripting

Saurus CMS 4.7 - edit.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40059/info Saurus CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

WordPress Plugin TYPO3 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/39926/info TYPO3 't3mcumulustagcloud' extension is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the...

VMware View 3.1.x - URL Processing Cross-Site Scripting

source: https://www.securityfocus.com/bid/39949/info VMware View is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

WordPress Plugin TYPO3 t3m_cumulus_tagcloud Extension 1.0 - HTML Injection Cross-Site Scripting

WordPress Plugin TYPO3 t3mcumulustagcloud Extension 1.0 - HTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/39926/info TYPO3 't3mcumulustagcloud' extension is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize...