Invision Power Services Invision Board 2.0.4 - Members Action Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

CVE-2006-1222

Multiple cross-site scripting XSS vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the 1 memo box title, 2 user email, and 3 homepage fields...

vCard 2.9 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/18122/info vCard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Cross site scripting

Cross-site scripting XSS vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For XFORWARDEDFOR HTTP header, which is not properly handled when adding a comment to an album...

MyBloggie 2.1.22.1.3 - delcomment.php Cross-Site Scripting

MyBloggie 2.1.22.1.3 - delcomment.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

DCP-Portal 3.74.x5.x6.x - inbox.php Multiple Cross-Site Scripting Vulnerabilities

DCP-Portal 3.74.x5.x6.x - inbox.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inpu...

TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities

TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17029/info The 'textfileBB' application is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

DVGuestbook 1.01.2.2 - dv_gbook.php?f Cross-Site Scripting

DVGuestbook 1.01.2.2 - dvgbook.php?f Cross-Site Scripting source: https://www.securityfocus.com/bid/16968/info DVGuestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this issue t...

DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16968/info DVGuestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

Qto File Manager 1.0 - index.php Cross-Site Scripting

Qto File Manager 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

HitHost 1.0 - viewuser.php?hits Cross-Site Scripting

HitHost 1.0 - viewuser.php?hits Cross-Site Scripting source: https://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage thes...

HitHost 1.0 - 'viewuser.php?hits' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in th...

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16961/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically...

VBZooM Forum 1.11 - 'comment.php?UserID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16956/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

QwikiWiki 1.4 - index.php Cross-Site Scripting

QwikiWiki 1.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16874/info QwikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16815/info MyPHPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

EV0080.txt

New eVuln Advisory: M. Blom HTML::BBCode perl module XSS Vulnerabilities http://evuln.com/vulns/80/summary.html --------------------Summary---------------- eVuln ID: EV0080 Software: M. Blom HTML::BBCode Sowtware's Web Site: http://menno.b10m.net/perl/ Versions: 1.04 1.03 and earlier Critical...

WordPress < 2.0.1 Arbitrary Script Injection

Binary data 3435.prm...

CVE-2006-0658

Vulnerability family: incomplete blacklist in FCKeditor. Affected: FCKeditor 2.0/2.2 as used in RunCMS and related products. Issue: remote attackers can upload and execute arbitrary script files by using extensions not listed in Config[DeniedExtensions][File] (e.g., .php.txt) due to inadequate ex...