JVN#33861625: Iwate Portal Bar vulnerable to arbitrary script execution

Iwate Portal Bar is an add-on to Internet Explorer that adds a toolbar and provides multiple functions. The RSS/Atom feed reader function in Iwate Portal Bar is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Impact An...

ChaSen -- buffer overflow

JVN iPedia reports: ChaSen provided by Nara Institute of Science and Technology is a software for morphologically analyzing Japanese. ChaSen contains an issue when reading in strings, which may lead to a buffer overflow. An arbitrary script may be executed by an attacker with access to a system...

XAMPP 1.7.7 - 'PHP_SELF' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50564/info XAMPP is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

WebObjects vulnerable to cross-site scripting

Overview WebObjects provided by Apple, contains a cross-site scripting vulnerability. WebObjects provided by Apple is a web application server. WebObjects contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC...

WordPress Theme Bonus 1.0 - s Cross-Site Scripting

WordPress Theme Bonus 1.0 - s Cross-Site Scripting source: https://www.securityfocus.com/bid/50527/info The Bonus theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

WordPress Theme Bonus 1.0 - 's' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50527/info The Bonus theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Cross-Site Scripting

source: https://www.securityfocus.com/bid/50502/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

CmyDocument - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50512/info CmyDocument is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

vBulletin 4.1.7 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/50455/info vBulletin is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary scri...

XAMPP 1.7.4 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/50381/info XAMPP is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

vTiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities (2)

source: https://www.securityfocus.com/bid/50364/info vtiger CRM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities

InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50344/info InverseFlow is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit these...

Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50307/info Tine is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit these vulnerabilities to execute arbitrary script code in the context of the...

Mozilla Products Same Origin Policy Bypass Vulnerability (MAC OS X)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to same origin policy bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnmacosx.nasl 7024 2017-08-30 11:51:43Z teissa $ Mozilla Products Same Origin Policy Bypass Vulnerability MAC OS X...

POSH Local File Include and Cross Site Scripting Vulnerabilities

POSH is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the contex...

WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50096/info The Pretty Link plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of a...

BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities

BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50083/info BugFree is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit these...

BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50083/info BugFree is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit these vulnerabilities to execute arbitrary script code in the context of the...

2Moons 1.4 - Multiple Remote File Inclusions

2Moons 1.4 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/50046/info 2Moons is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obta...

Microsoft Forefront Unified Access Gateway (CVE-2011-1897) Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because Web Monitor fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...