7613 matches found
URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28650/info URLStreet is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code...
I-Gallery Folder Argument Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'. An attacker...
BoutikOne CMS 'search_query' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32321/info BoutikOne CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser o...
OpenBiblio 0.x staff_del_confirm.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting, HTML-injection, and local...
Spread The Word Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13733/info Spread The Word is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...
Venalsur Booking Centre 2.01 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32530/info Venalsur Booking Centre is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...
webMathematica 3 'MSP' Script Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37451/info webMathematica is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
MediaWiki 1.3.x Remote Arbitrary Script Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11985/info MediaWiki is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input. ...
JSBoard 2.0.x Remote Arbitrary Script Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11983/info JSBoard is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input. If...
DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
ViewGit 0.0.6 - Multiple XSS Vulnerabilities
No description provided by source. Vulnerability Report Author: Matthew R. Bucci [email protected] Date: 18 March, 2013 CVE-2013-2294 Description of Vulnerability: ----------------------------- ViewGit is a git web repository viewer that aims to be easy to set up and upgrade, light on...
Built2go News Manager 1.0 Blog rating.php nid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22783/info Built2Go News Manager Blog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
MilliScripts 'dir.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
jira 4.4.3, greenhopper < 5.9.8 - Multiple Vulnerabilities
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2012-1500, Stored XSS in JIRA v4.4.3663-r165197, GreenHopper Resolved in Version 5.9.8, Proof of Concept External References: CVE-2112-1500 CVE-2112-1500 XSS.Cx Blog GHS-5642 Reported to Vendor on Mar 7, 2012,...
phpFaber CMS 1.3.36 'module.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37329/info phpFaber CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
CuteNews 1.4.5 show_news.php Query String XSS
No description provided by source. source: http://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...
TFTgallery 0.13 'sample' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
Microsoft Windows Media Player 7.0 .WMS Arbitrary Script Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1976/info Windows Media Player is an application used for digital audio, and video content viewing. It is possible for a user running Windows Media Player 7 to enable a skin .wms file and unknowingly execute an embedded...
Active Calendar 1.2 data/y_3.php css Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
EsContacts 1.0 - search.php msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...