GetSimple CMS /admin/filebrowser.php Multiple Parameter XSS

GetSimple CMS /admin/filebrowser.php Multiple Parameter XSS. CVE-2013-1420. Webapps exploit for php platform source: http://www.securityfocus.com/bid/59600/info GetSimple CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. A...

WordPress Theme Colormix - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/59371/info The Colormix theme for WordPress is prone to multiple security vulnerabilities, including: 1. A cross-site scripting vulnerability 2. A path-disclosure vulnerability 3. Multiple content-spoofing vulnerabilities An attacker may leverage these...

Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)

This host is missing an important security update according to Microsoft Bulletin MS13-035. OpenVAS Vulnerability Test $Id: secpodofficeinfopathms13-035.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability 2821818 Authors: Antu Sanadi Copyright:...

WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58948/info The Traffic Analyzer plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Plugin Traffic Analyzer - aoid Cross-Site Scripting

WordPress Plugin Traffic Analyzer - aoid Cross-Site Scripting source: https://www.securityfocus.com/bid/58948/info The Traffic Analyzer plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

C2 WebResource - File Cross-Site Scripting

C2 WebResource - File Cross-Site Scripting source: https://www.securityfocus.com/bid/58838/info C2 WebResource is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

C2 WebResource - 'File' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58838/info C2 WebResource is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58771/info Feedweb plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

WordPress Plugin Feedweb - wp_post_id Cross-Site Scripting

WordPress Plugin Feedweb - wppostid Cross-Site Scripting source: https://www.securityfocus.com/bid/58771/info Feedweb plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...

jPlayer - 'Jplayer.swf' Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/59030/info jPlayer is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Cross site scripting

Cross-site scripting XSS vulnerability in the Manager Change for Organic Groups ogmanagerchange module 7.x-2.x before 7.x-2.1 for Drupal might allow remote attackers to inject arbitrary web script or HTML via the username in the new manager autocomplete field...

OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities

OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/58720/info OrionDB Web Directory is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to...

Atmail WebMail - searchResultsTab5?filter Reflected Cross-Site Scripting

Atmail WebMail - searchResultsTab5?filter Reflected Cross-Site Scripting source: https://www.securityfocus.com/bid/65408/info Atmail is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

Jaow CMS - 'add_ons' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58658/info Jaow CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...

Jaow CMS - add_ons Cross-Site Scripting

Jaow CMS - addons Cross-Site Scripting source: https://www.securityfocus.com/bid/58658/info Jaow CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

Petite Annonce - Cross-Site Scripting

Petite Annonce - Cross-Site Scripting source: https://www.securityfocus.com/bid/58508/info Petite Annonce is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cisco Video Surveillance Operations Manager - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/58476/info Cisco Video Surveillance Operations Manager is prone to multiple security vulnerabilities, including: 1. Multiple local file-include vulnerabilities 2. A security-bypass vulnerability 3. Multiple cross-site scripting vulnerabilities An attacker...

WordPress Plugin podPress - playerID Cross-Site Scripting

WordPress Plugin podPress - playerID Cross-Site Scripting source: https://www.securityfocus.com/bid/58421/info The podPress plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...

TinyMCE 3.5.8 Cross Site Scripting

Vulnerability Report Author: Justin C. Klein Keane Date: 5 March, 2013 CVE-2012-4230 Description of Vulnerability: ----------------------------- "TinyMCE in itself can not be insecure" http://www.tinymce.com/wiki.php/Security "TinyMCE is a platform independent web based Javascript HTML WYSIWYG...

Asteriskguru Queue Statistics - warning Cross-Site Scripting

Asteriskguru Queue Statistics - warning Cross-Site Scripting source: https://www.securityfocus.com/bid/58418/info Asteriskguru Queue Statistics is prone to an cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute...