BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion

source: https://www.securityfocus.com/bid/11336/info BlackBoard Internet Newsboard System is reported prone to a remote file include vulnerability. This issue presents itself because the application fails to sanitize user-supplied data properly. This issue may allow an attacker to include malicio...

Debian DSA-246-1 : tomcat - information exposure, XSS

The developers of tomcat discovered several problems in tomcat version 3.x. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2003-0042: A maliciously crafted request could return a directory listing even when an index.html, index.jsp, or other welcome fil...

Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting

Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting source: https://www.securityfocus.com/bid/10778/info It is reported that Imatix Xitami is affected by a cross-site scripting vulnerability in the server side includes test script. This issue is due to a failure of the application to...

WebCT Campus Edition 3.84.x - HTML Injection

WebCT Campus Edition 3.84.x - HTML Injection source: https://www.securityfocus.com/bid/9999/info It has been reported that WebCT Campus Edition may be prone to an HTML injection vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in the browser of an unsuspecti...

XMB Forum 1.8 - member.php?member Cross-Site Scripting

XMB Forum 1.8 - member.php?member Cross-Site Scripting source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit an...

Happymall E-Commerce Software 4.34.4 - Normal_HTML.cgi Cross-Site Scripting

Happymall E-Commerce Software 4.34.4 - NormalHTML.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/7557/info IT has been reported that Happymall E-Commerce is prone to cross-site scripting attacks. The problem occurs due to insufficient sanitization of user-supplied URI...

Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site Scripting

Basic Analysis and Security Engine BASE 1.2.4 - PrintFreshPage Cross-Site Scripting source: https://www.securityfocus.com/bid/17391/info BASE is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input in the 'PrintFreshPage' function. An...

ACWeb 1.141.8 - Cross-Site Scripting

ACWeb 1.141.8 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed ...

GNU Mailman 2.0.x - Subscribe Cross-Site Scripting

source: https://www.securityfocus.com/bid/5298/info GNU Mailman is prone to a cross-site scripting vulnerability. Arbitrary HTML and script code are not sanitized from the URI parameters of mailing list subscribe scripts. An attacker may exploit this issue by creating a malicious link containing...

ReBB 1.0 - Image Tag Cross-Agent Scripting

source: https://www.securityfocus.com/bid/4220/info ReBB is web forum software which will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is written in PHP and may be back-ended by a number of databases. ReBB allows users to include images in forum messages...

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting source: https://www.securityfocus.com/bid/3829/info UBB Ultimate Bulletin Board is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000. UBB is prone...