2049 matches found
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2015-07734)
Adobe ColdFusion is a dynamic Web server , its CFML is a programming language , similar to the current JSP in the JSTL. A cross-site scripting vulnerability exists in Adobe ColdFusion. The program fails to adequately filter user-supplied input, allowing remote attackers to execute arbitrary scrip...
TYPO3 News system extension cross-site scripting vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF maintained by the TYPO3 Association in Switzerland. news system news is one of the extension components that provides press release functionality. A cross-site scripting vulnerability exists in TYPO3 News system extension...
Dojo Toolkit vulnerable to cross-site scripting
Overview Dojo Toolkit is a software to assist in building web applications. Dojo Toolkit contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
BBS X102 vulnerable to cross-site scripting
Overview BBS X102 provided by guide-park.com is a bulletin board software. BBS X102 contains a cross-site scripting vulnerability. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this vulnerabili...
hitSuji (rktSNS2) vulnetable to cross-site scripting
Overview hitSuji rktSNS2 provided by rakuto.net is an open source SNS software. hitSuji rktSNS2 contains a cross-site scripting vulnerability. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this...
JVN#24692261: hitSuji (rktSNS2) vulnetable to cross-site scripting
hitSuji rktSNS2 provided by rakuto.net is an open source SNS software. hitSuji rktSNS2 contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Consider stop using hitSuji rktSNS2 0.2.2b Since the developer was unreachable,...
WordPress Plugin Eventbrite Tickets Cross-Site Scripting Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Eventbrite Tickets. The vulnerability stems from a failur...
Joomla! Helpdesk Pro plugin cross-site scripting vulnerability
Joomla! is a well-known content management system in foreign countries. Joomla! is a software system developed using the PHP language coupled with a MySQL database, which can be implemented on a variety of different platforms such as Linux, Windows, MacOSX and so on. Helpdesk Pro plugin version...
phpLiteAdmin Cross-Site Scripting Vulnerability
phpLiteAdmin is a software developer Dane Iracleous developed a set of PHP implementation and Web-based open-source SQLite database management tool . A cross-site scripting vulnerability exists in phpLiteAdmin. When a user browses the affected website, his browser will execute arbitrary script co...
IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04462)
IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects an organization internally and externally, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability exists in...
IBM Jazz Team Server Cross-Site Scripting Vulnerability
IBM Jazz Team Server is a suite of project management tools for use in IBM Rational Jazz Team Collaboration Platform from IBM in the United States. A cross-site scripting vulnerability exists in IBM Jazz Team Server that stems from the program's failure to adequately filter user-submitted input...
IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04461)
IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability...
WordPress Salem Theme Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress Salem Theme suffers from a cross-site scripting vulnerability due to the program failing to adequately filter user-supplied input. An attacker is allowed ...
IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2015-04371)
IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM B...
WordPress Ultimate Member 'class.p.php' plugin cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Ultimate Member 'class.p.php' plugin due to the program failing to adequately filter user-supplied inpu...
NetFlow Analyzer vulnerable to cross-site scripting
Overview NetFlow Analyzer provided by Zoho Corporation contains a cross-site scripting vulnerability. Tomoshige Hasegawa, Akihito Mukai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may...
JVN#07538357: EasyCTF vulnerable to cross-site scripting
EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a cross-site scripting vulnerability CWE-79 that can be leveraged by an attacker created account. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the late...
Drupal Open Legislation module cross-site scripting vulnerability
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Open Legislation is one of the open database modules. A cross-site scripting vulnerability exists in the Drupal Open Legislation module, which stems from the program's failure to...
Softwebs Nepal Fast Chat 'loginprg.asp' Cross-Site Scripting Vulnerability
Softwebs Nepal Fast Chat is a chat software package developed by Softwebs Nepal team. A cross-site scripting vulnerability exists in Softwebs Nepal Fast Chat, which arises from the program's failure to adequately filter user-submitted input. When a user browses the affected site, their browser wi...
Cross-site scripting vulnerability in Drupal Webform module
Drupal is a developmental CMF Content Management Framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Webform module. Because the program fails to properly filter user-supplied text, an attacker can exploit the vulnerability to execute arbitrary script...