Astaro Security Linux 5 - index.fpl Cross-Site Scripting

Astaro Security Linux 5 - index.fpl Cross-Site Scripting source: https://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

vBulletin 4.0.2 - Search Cross-Site Scripting

vBulletin 4.0.2 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...

(Multiple Products) - banner.swf Cross-Site Scripting

Multiple Products - banner.swf Cross-Site Scripting source: https://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Dojo Toolkit 1.4.1 - dijittests_testCommon.js?theme Cross-Site Scripting

Dojo Toolkit 1.4.1 - dijitteststestCommon.js?theme Cross-Site Scripting source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execut...

Dojo Toolkit 1.4.1 - '/dijit/tests/_testCommon.js?theme' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

(Multiple Products) - 'banner.swf' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

Dojo Toolkit 1.4.1 - dohrunner.html Multiple Cross-Site Scripting Vulnerabilities

Dojo Toolkit 1.4.1 - dohrunner.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues...

Andromeda 1.9.2 - 's' Cross-Site Scripting / Session Fixation

source: https://www.securityfocus.com/bid/38735/info Andromeda is prone to a cross-site scripting vulnerability and a session-fixation vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site a...

[xss] a xss on "threadid" parameter in BBSMAX

i found a xss on "threadid" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=reply&threadid=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=reply&threadid="scriptalert/liscker/;/script BBSMAX Home Page : http://www.bbsmax.com/...

DDL CMS 2.1 - blacklist.php Cross-Site Scripting

DDL CMS 2.1 - blacklist.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38643/info DDL CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38643/info DDL CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

BBSMAX 3.0 / 4.1 / 4.2 Cross Site Scripting

i found a xss on "action" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=newthread"alert/liscker/ BBSMAX Home Page : http://www.bbsmax.com/ BBSMAX is prone to an cross-site...

Six Apart Vox - search Page Cross-Site Scripting

Six Apart Vox - search Page Cross-Site Scripting source: https://www.securityfocus.com/bid/38575/info Six Apart Vox is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

vBulletin 4.0.2 Multiple Cross Site Scripting Vulnerabilities

vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

WampServer 2.0i - 'lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38357/info WampServer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Social Web CMS 2 - index.php Cross-Site Scripting

Social Web CMS 2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38329/info Social Web CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection

source: https://www.securityfocus.com/bid/38360/info IBM WebSphere Portal is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An authenticated attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

Social Web CMS 2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38329/info Social Web CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...