Cross site scripting

Cross-site scripting XSS vulnerability in includes/templates/templatedefault/templates/tplgvsenddefault.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gvsend action to index.php, a different vulnerability than CVE-2011-4547...

Manx 1.0.1 - adminadmin_blocks.php?Filename Traversal Arbitrary File Access

Manx 1.0.1 - adminadminblocks.php?Filename Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...

WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50824/info Skysa App Bar Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

Manx 1.0.1 - '/admin/admin_blocks.php?Filename' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser...

HP Network Node Manager (NMM) i 9.10 - nnmprotectedconfigurationpoll.jsp?nodename Cross-Site Scripting

HP Network Node Manager NMM i 9.10 - nnmprotectedconfigurationpoll.jsp?nodename Cross-Site Scripting source: https://www.securityfocus.com/bid/50806/info HP Network Node Manager i is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize...

HP Network Node Manager (NMM) i 9.10 - nnmprotectedstatuspoll.jsp?nodename Cross-Site Scripting

HP Network Node Manager NMM i 9.10 - nnmprotectedstatuspoll.jsp?nodename Cross-Site Scripting source: https://www.securityfocus.com/bid/50806/info HP Network Node Manager i is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied...

PrestaShop 1.4.4.1 - adminajaxfilemanagerajax_save_text.php Multiple Cross-Site Scripting Vulnerabilities

PrestaShop 1.4.4.1 - adminajaxfilemanagerajaxsavetext.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50784/info PrestaShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker...

WordPress Plugin Featurific For WordPress 1.6.2 - snum Cross-Site Scripting

WordPress Plugin Featurific For WordPress 1.6.2 - snum Cross-Site Scripting source: https://www.securityfocus.com/bid/50779/info Featurific For WordPress plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker ma...

Zen Cart CMS 1.3.9h - Multiple Cross-Site Scripting Vulnerabilities

Zen Cart CMS 1.3.9h - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50787/info Zen Cart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. A...

PrestaShop 1.4.4.1 - '/modules/mondialrelay/googlemap.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50784/info PrestaShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50779/info Featurific For WordPress plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50784/info PrestaShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

WordPress Plugin Adminimize 1.7.21 - page Cross-Site Scripting

WordPress Plugin Adminimize 1.7.21 - page Cross-Site Scripting source: https://www.securityfocus.com/bid/50745/info Adminimize plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

WordPress Plugin Lanoba Social 1.0 - action Cross-Site Scripting

WordPress Plugin Lanoba Social 1.0 - action Cross-Site Scripting source: https://www.securityfocus.com/bid/50746/info Lanoba Social Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue ...

WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50745/info Adminimize plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

WordPress Plugin Flexible Custom Post Type - id Cross-Site Scripting

WordPress Plugin Flexible Custom Post Type - id Cross-Site Scripting source: https://www.securityfocus.com/bid/50719/info Flexible Custom Post Type plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...

WordPress Plugin Flexible Custom Post Type - 'id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50719/info Flexible Custom Post Type plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Joomla! Component com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Component comalfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50637/info Joomla! 'comalfcontact' extension is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

AShop - Open Redirection Cross-Site Scripting

AShop - Open Redirection Cross-Site Scripting source: https://www.securityfocus.com/bid/50616/info AShop is prone to multiple open-redirection issues and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to execu...

Iwate Portal Bar vulnerable to arbitrary script execution

Overview Iwate Portal Bar is vulnerable to arbitrary script execution. Iwate Portal Bar is an add-on to Internet Explorer that adds a toolbar and provides multiple functions. The RSS/Atom feed reader function in Iwate Portal Bar is vulnerable to arbitrary script execution due to the improper...