DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

DirectAdmin 1.281.29 - CMD_EMAIL_VACATION_MODIFY Cross-Site Scripting

DirectAdmin 1.281.29 - CMDEMAILVACATIONMODIFY Cross-Site Scripting source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities

LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...

LandShop 0.6.3 - 'ls.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modif...

LandShop 0.6.3 - 'ls.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modif...

Kayako SupportSuite 3.0.32 - index.php Cross-Site Scripting

Kayako SupportSuite 3.0.32 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20954/info Kayako SupportSuite is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have...

AIOCP 1.3.x - cp_forum_view.php Cross-Site Scripting

AIOCP 1.3.x - cpforumview.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...

AIOCP 1.3.x - 'cp_show_page_help.php' Full Path Disclosure

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - 'cp_users_online.php' SQL Injection

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - 'cp_dpage.php' SQL Injection

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - cp_forum_view.php SQL Injection

AIOCP 1.3.x - cpforumview.php SQL Injection source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker...

AIOCP 1.3.x - 'cp_codice_fiscale.php' SQL Injection

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - 'cp_news.php' SQL Injection

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - cp_users_online.php SQL Injection

AIOCP 1.3.x - cpusersonline.php SQL Injection source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attack...

AIOCP 1.3.x - cp_show_ec_products.php Full Path Disclosure

AIOCP 1.3.x - cpshowecproducts.php Full Path Disclosure source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow...

AIOCP 1.3.x - 'cp_show_ec_products.php' SQL Injection

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - 'cp_show_ec_products.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AIOCP 1.3.x - cp_show_ec_products.php SQL Injection

AIOCP 1.3.x - cpshowecproducts.php SQL Injection source: https://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...