MyBB 1.4.5 - Multiple Vulnerabilities

MyBB 1.4.5 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34798/info MyBB is prone to multiple security vulnerabilities, including an HTML-injection issue and an unspecified issue. An attacker may leverage the HTML-injection issue to execute arbitrary script code in the...

Drupal HTML Injection and Information Disclosure Vulnerabilities

Drupal is prone to a cross-site scripting vulnerability and an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Coppermine Photo Gallery 1.4.21 - 'css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34782/info Coppermine Photo Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Coppermine Photo Gallery 1.4.21 - css Cross-Site Scripting

Coppermine Photo Gallery 1.4.21 - css Cross-Site Scripting source: https://www.securityfocus.com/bid/34782/info Coppermine Photo Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

BlackBerry Enterprise Server MDS Connection Service XSS

The remote host is running the BlackBerry Enterprise Server MDS Connection Service. The installed version is affected by cross-site scripting vulnerabilities involving the 'customDate', 'interval', 'lastCustomInterval', 'lastIntervalLength', 'nextCustomInterval', 'nextIntervalLength', 'action',...

Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to determine path information or to...

Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting

source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive...

Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting

Mozilla Multiple Products - Server Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issue...

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...

RazorCMS 0.3RC2 - Multiple Vulnerabilities

RazorCMS 0.3RC2 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers...

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities

Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration...

Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability

Description Microsoft ISA Internet Security and Acceleration Server and Forefront Threat Management Gateway TMG are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

Banshee 1.4.2 DAAP Extension - appswebvs_diag.cgi Cross-Site Scripting

Banshee 1.4.2 DAAP Extension - appswebvsdiag.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Banshee 1.4.2 DAAP Extension - '/apps/web/vs_diag.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities

MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities

MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

LinPHA 1.3.2/1.3.3 new_images.php XSS

LinPHA 1.3.2/1.3.3 newimages.php XSS. CVE-2008-6571. Webapps exploit for php platform source: http://www.securityfocus.com/bid/34500/info LinPHA is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Attackers can leverage the...

PPLive Multiple Argument Injection Vulnerabilities

This host has PPLive installed and is prone to multiple argument injection vulnerabilities. OpenVAS Vulnerability Test $Id: secpodpplivecodeexevuln.nasl 5122 2017-01-27 12:16:00Z teissa $ PPLive Multiple Argument Injection Vulnerabilities Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...

Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...