OneWorldStore - 'OWContactUs.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion

All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/13169/info All4WWW-Homepagecreator is affected by an arbitrary remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input befo...

OneWorldStore - OWListProduct.asp Cross-Site Scripting

OneWorldStore - OWListProduct.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...

SPHPBlog 0.4 - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13170/info sphpBlog is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser ...

Pinnacle Cart - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13138/info Pinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

CVE-2005-1027

Multiple cross-site scripting XSS vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter in the YourAccount module, 2 avatarcategory parameter in the YourAccount module, or 3 lid parameter in the Downloads module...

PostNuke Phoenix 0.760 RC3 - 'OP' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this...

PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

Ocean12 Membership Manager Pro - Cross-Site Scripting

source: https://www.securityfocus.com/bid/13046/info Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

UApplication Ublog 1.0.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentia...

CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...

CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities

CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in th...

Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities

Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12907/info Nuke Bookmarks is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12907/info Nuke Bookmarks is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based...

ESMI PayPal StoreFront 1.7 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12904/info ESMI PayPal Storefrom is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in...

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/12895/info Koobi CMS is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

Interspire ArticleLive 2005 - NewComment Cross-Site Scripting

source: https://www.securityfocus.com/bid/12879/info Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

PHPSysInfo 2.02.3 - sensor_program Cross-Site Scripting

PHPSysInfo 2.02.3 - sensorprogram Cross-Site Scripting source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...