Internet Explorer vulnerable in handling MHTML protocol

Overview Internet Explorer is vulnerable in handling MHTML MIME Encapsulation of Aggregate HTML protocol, which allows the download dialog box to be bypassed. Some versions of Outlook Express are affected because the vulnerability is contained in Outlook Express component used by Internet Explore...

sHTTPd cross-site scripting vulnerability

Overview sHTTPd, from Uchu Ninja Neko-dan, contains a cross-site scripting vulnerability. sHTTPd from Uchu Ninja Neko-dan is a web server for Windows. sHTTPd contains a cross-site scripting vunerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...

MouseoverDictionary vulnerable to arbitrary script execution

Overview MouseoverDictionary, an add-on for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an arbitrary script. MouseoverDictionary, an add-on mouseover English-Japanese dictionary for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an...

Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution

Overview Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script. Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, t...

Google Web Toolkit vulnerable to cross-site scripting

Overview Google Web Toolkit GWT is vulnerable to cross-site scripting. Google Web Toolkit GWT is an open source software development framework that allows web developers to create Ajax applications in Java. The benchmark reporting system in GWT is vulnerable to cross-site scripting. Impact An...

Chama Cargo cross-site scripting vulnerability

Overview Chama Cargo, a cgi program written in perl for creating shopping websites, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

Starsgames Control Panel 4.6.2 - index.php Cross-Site Scripting

Starsgames Control Panel 4.6.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29295/info Starsgames Control Panel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 msgscript and 2 msgscript2 parameters...

PicsEngine 1.0 - index.php Cross-Site Scripting

PicsEngine 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29214/info PicsEngine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Chilek Content Management System aka ChiCoMaS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2008-2179

Cross-site scripting XSS vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability

Cisco BBSM Captive Portal 5.3 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability. CVE-2008-2165. Webapps exploit for asp platform source: http://www.securityfocus.com/bid/29191/info Cisco BBSM Building Broadband Service Manager is prone to a cross-site scripting vulnerability because the...

Cross site scripting

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

CVE-2008-2070

The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "" characters in the 1 issue parameter to scripts2/knowlegebase, 2 user parameter to...

cPanel 11.x - '/scripts2/changeip?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

cPanel 11.x - scripts2changeip?user Cross-Site Scripting

cPanel 11.x - scripts2changeip?user Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in an error page. An attacker may leverage this issue to execute...

SAP Internet Transaction Server 6200.1017.50954.0 Bu (WGate) - 'wgate.dll?~service' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data i...

Sphider 1.3.4 - query Cross-Site Scripting

Sphider 1.3.4 - query Cross-Site Scripting source: https://www.securityfocus.com/bid/29074/info Sphider is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...