7613 matches found
VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24033/info VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
Caloris Planitia Technologies School Management System 1.0 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17257/info Caloris Planitia Technologies School Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker m...
Hudson 1.223 'q' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30184/info Hudson is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29074/info Sphider is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
ImageVue 1.7 - dir2.php path Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
Mozilla Multiple Products Server Refresh Header XSS
No description provided by source. source: http://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions,...
MIVA Merchant 5 Merchant.MVC Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14828/info MIVA Merchant 5 is prone to a cross-site scripting vulnerability.This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Invision Power Board 3.0 Multiple HTML-Injection and Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script User IP Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24682/info Linksys Wireless-G ADSL Gateway is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing...
BBSXP 2008 'ShowPost.asp' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38542/info BBSXP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Zikula Application Framework 1.2.2 index.php func Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code i...
Web Kyukincho vulnerable to cross-site scripting
Overview Web Kyukincho provided by Intercom, Inc. is a software that digitizes and distributes a pay statement and others. Web Kyukincho contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed in the user's web browser. Solution Update the Software Update to the...
SpamTitan contains a reflected cross-site scripting (XSS) vulnerability
Overview SpamTitan contains a reflected cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'SpamTitan contains a reflected cross-site scripting vulnerability in the auth-settings-x.php page of the management...
Usermin vulnerable to cross-site scripting
Overview Usermin is a web-based interface used to manage webmail. Usermin contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
SOY CMS vulnerable to cross-site scripting
Overview SOY CMS contains a cross-site scripting vulnerability. SOY CMS provided by Nippon Institute of Agroinformatics Ltd. is an open source content management system CMS. SOY CMS contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated...
CVE-2014-0218
Cross-site scripting XSS vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
ownCloud Multiple Cross-Site Scripting & Directory Traversal Vulnerabilities
ownCloud is prone to session fixation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...
PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection
PrestaShop - getSimilarManufacturer.php?idmanufacturer SQL Injection source: https://www.securityfocus.com/bid/67249/info PrestaShop is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
CVE-2014-3135
Multiple cross-site scripting XSS vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to privatemessage/new/, 2 the folderid parameter to a private message in privatemessage/view, 3 a fragment indicator to /help, or 4 the vie...