TaskFreak! 0.5.5 - error.php Cross-Site Scripting

TaskFreak! 0.5.5 - error.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22537/info TaskFreak! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

Community Server - 'SearchResults.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22529/info Community Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

EWay 4 - Default.APSX Cross-Site Scripting

EWay 4 - Default.APSX Cross-Site Scripting source: https://www.securityfocus.com/bid/22528/info eWay is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

WordPress 1.x2.0.x - Templates.php Cross-Site Scripting

WordPress 1.x2.0.x - Templates.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22534/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Community Server - SearchResults.aspx Cross-Site Scripting

Community Server - SearchResults.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/22529/info Community Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22534/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This...

Adobe ColdFusion 67 - User_Agent Error Page Cross-Site Scripting

Adobe ColdFusion 67 - UserAgent Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/22401/info Adobe ColdFusion is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker could exploit this vulnerability to...

OpenEMR 2.8.2 - 'Login_Frame.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22348/info OpenEMR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Yahoo! Messenger 8.0 - Notification Message HTML Injection

Yahoo! Messenger 8.0 - Notification Message HTML Injection source: https://www.securityfocus.com/bid/22269/info Yahoo! Messenger is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

lmmhi-xss.txt

Login Manager Multiple HTML Injections Login Manager is a powerful, robust system that enables web administrators to manage website user accounts easily, create membership protected areas, and effortlessly prevent unauthorized user access to secured areas. Login Manager 3 “LM3” uses PHP and MySQL...

paypal-inject.txt

Paypal Subscription Manager allows webmaster easily create subscription web site, visitors can access to digital product instantly after paying through Paypal, PSM provides ability to effortlessly process subscription and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...

DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22078/info The 'dtguestbook' program is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

MediaWiki 1.x - AJAX index.php Cross-Site Scripting

MediaWiki 1.x - AJAX index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21956/info MediaWiki is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

MediaWiki 1.x - 'AJAX index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21956/info MediaWiki is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Adobe Acrobat Reader Plugin 7.0.x - acroreader Cross-Site Scripting

Adobe Acrobat Reader Plugin 7.0.x - acroreader Cross-Site Scripting Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a...

Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability

Exploit for unknown platform in category remote exploits =================================================================== Adobe Acrobat Reader Plugin = 7.0.x acroreader XSS Vulnerability =================================================================== Stefano Di Paola http://www.wisec.it/...

Adobe Acrobat Reader Plugin 7.0.x - &#039;acroreader&#039; Cross-Site Scripting

Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a user's browser session in context of an affected site. Example: -...

MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting

MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting source: https://www.securityfocus.com/bid/24583/info MyServer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

AShop Deluxe 4.5 - &#039;editcatalogue.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code...

VCard Pro - gbrowse.php Cross-Site Scripting

VCard Pro - gbrowse.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21844/info vCard PRO is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...