7613 matches found
mysource 2.14.8/2.16 - Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct cross-site...
MySource 2.14 upgrade_in_progress_backend.php target_url Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15132/info MySource is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
A+ PHP Scripts News Management System 0.3 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-include issues, and a cross-site scripting issue. An...
Dreamcost HostAdmin 3.1 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in t...
AderSoftware CFBB 1.1 Index.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14440/info CFBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
Drupal 4.0 News Message HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...
EveryAuction 1.53 Auction.PL Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an...
PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
PortWise SSL VPN 4.6 'reloadFrame' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38308/info PortWise SSL VPN is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-uplo...
Joomla MS Comment Component 0.8.0b Security Bypass and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38250/info The MS Comment component for Joomla! is prone to a security-bypass vulnerability because it fails to properly sanitize user-supplied input. The component is also prone to a security-bypass vulnerability because...
WordPress <= 2.5.1 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30238/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
MyBulletinBoard 1.x UserCP.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19193/info MyBulletinBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the brows...
BookReview 1.0 add_classification.htm isbn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Opial AV Download Management 1.0 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20174/info Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to have arbitrary...
Grayscale BandSite CMS 1.1 links_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...
phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29338/info phpSQLiteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
PHP <= 5.3.1 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38182/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions. This vulnerability would be an issue in shared-hosting...
QwikiWiki 1.4/1.5 pageindex.php help Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17064/info QwikiWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...