7611 matches found
phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/26020/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/25981/info DNews is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...
phpMyAdmin 2.11.1 - 'setup.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26020/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
DRBGuestbook 1.1.13 - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/25911/info DRBGuestbook is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) edittime, (5) author, and (6) link parameters i...
SimpGB 1.46.2 - admin?l_username Cross-Site Scripting
source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...
SimpNews 2.41.3 - backurl Cross-Site Scripting
source: https://www.securityfocus.com/bid/25809/info SimpNews is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...
SimpNews 2.41.3 - l_username Cross-Site Scripting
source: https://www.securityfocus.com/bid/25809/info SimpNews is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...
WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/25769/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues t...
WebBatch - webbatch.exe Cross-Site Scripting
source: https://www.securityfocus.com/bid/25744/info WebBatch is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage the...
CVE-2007-4913
ipskernel/classupload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...
Design/Logic Flaw
ipskernel/classupload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...
PHP-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/25674/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
BOINC 5.10.20 - 'forum_forum.php?id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25644/info BOINC (Berkeley Open Infrastructure for Network Computing) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to execute arbitrary...
Toms Gastebuch 1.001.01 - header.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/25598/info Toms Gastebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...
JVN#82276964 Tuigwaa cross-site scripting vulnerability
Tuigwaa from the Tuigwaa Project is open source software to develop web applications. Tuigwaa contains a cross-site scripting vulnerability. Impact: An arbitrary script may be executed on the user's web browser. Solution: Update the software. Apply the latest update provided by the developer. For mo...
AutoIndex PHP Script 2.2.2 - PHP_SELF index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to...
Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilities
Exploit for unknown platform in category web applications. Arcadem Remote File Inclusion Flaw / SQL Injection. Software: Arcadem 2.01...
m-phorum 0.3 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25394/info m-phorum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...