Lucene search
K

7613 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24033/info VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Caloris Planitia Technologies School Management System 1.0 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17257/info Caloris Planitia Technologies School Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker m...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Hudson 1.223 'q' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30184/info Hudson is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29074/info Sphider is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

ImageVue 1.7 - dir2.php path Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Mozilla Multiple Products Server Refresh Header XSS

No description provided by source. source: http://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

MIVA Merchant 5 Merchant.MVC Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14828/info MIVA Merchant 5 is prone to a cross-site scripting vulnerability.This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Invision Power Board 3.0 Multiple HTML-Injection and Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Jax PHP Scripts 1.0/1.34/2.14/3.31 petitionbook Script User IP Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24682/info Linksys Wireless-G ADSL Gateway is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

BBSXP 2008 'ShowPost.asp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38542/info BBSXP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Zikula Application Framework 1.2.2 index.php func Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code i...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/25 5:53 a.m.5 views

Web Kyukincho vulnerable to cross-site scripting

Overview Web Kyukincho provided by Intercom, Inc. is a software that digitizes and distributes a pay statement and others. Web Kyukincho contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed in the user's web browser. Solution Update the Software Update to the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
CERT
CERT
added 2014/06/23 12:0 a.m.40 views

SpamTitan contains a reflected cross-site scripting (XSS) vulnerability

Overview SpamTitan contains a reflected cross-site scripting XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'SpamTitan contains a reflected cross-site scripting vulnerability in the auth-settings-x.php page of the management...

4.3CVSS6AI score0.02499EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/20 4:56 a.m.2 views

Usermin vulnerable to cross-site scripting

Overview Usermin is a web-based interface used to manage webmail. Usermin contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS6AI score0.01351EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/04 5:32 a.m.2 views

SOY CMS vulnerable to cross-site scripting

Overview SOY CMS contains a cross-site scripting vulnerability. SOY CMS provided by Nippon Institute of Agroinformatics Ltd. is an open source content management system CMS. SOY CMS contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated...

4.3CVSS6AI score0.00931EPSS
Exploits0References5
NVD
NVD
added 2014/05/27 12:55 a.m.17 views

CVE-2014-0218

Cross-site scripting XSS vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01832EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2014/05/06 12:0 a.m.19 views

ownCloud Multiple Cross-Site Scripting & Directory Traversal Vulnerabilities

ownCloud is prone to session fixation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

4CVSS6.3AI score0.0204EPSS
Exploits0References6
exploitpack
exploitpack
added 2014/05/05 12:0 a.m.23 views

PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection

PrestaShop - getSimilarManufacturer.php?idmanufacturer SQL Injection source: https://www.securityfocus.com/bid/67249/info PrestaShop is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2014/04/30 2:0 p.m.19 views

CVE-2014-3135

Multiple cross-site scripting XSS vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to privatemessage/new/, 2 the folderid parameter to a private message in privatemessage/view, 3 a fragment indicator to /help, or 4 the vie...

5.8AI score0.01932EPSS
Exploits0References3
Rows per page
Query Builder