Gastebuch 1.3.2 - Cross-Site Scripting

Gastebuch 1.3.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/16615/info Gastebuch is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...

CVE-2006-0518

Cross-site scripting XSS vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 5539 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue to have arbitrary scrip...

SPIP 1.81.9 - index.php3 Cross-Site Scripting

SPIP 1.81.9 - index.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/16461/info SPIP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

Ashwebstudio Ashnews 0.83 - Cross-Site Scripting

Ashwebstudio Ashnews 0.83 - Cross-Site Scripting source: https://www.securityfocus.com/bid/16426/info Ashnews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

CheesyBlog-1.0.txt

New eVuln Advisory: CheesyBlog XSS Vulnerability http://evuln.com/vulns/49/summary.html --------------------Summary---------------- Software: CheesyBlog Sowtware's Web Site: http://cheesepizza.net/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripting Class: Remote Status: Unpatched...

[Full-disclosure] RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability

OS2A RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability OS2A ID: OS2A1004 Status 01/06/2006 Issue Discovered 01/06/2006 Reported to the vendor 01/19/2006 Patch Released 01/20/2006 Advisory Released Class: Denial of Service / Script Injection Severity: CRITICAL...

[eVuln] aoblogger Multiple Vulnerabilities

New eVuln Advisory: aoblogger Multiple Vulnerabilities http://evuln.com/vulns/37/summary/bt/ --------------------Summary---------------- Software: aoblogger Sowtware's Web Site: http://mikeheltonisawesome.com/ Versions: 2.3 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote...

PowerPortal 1.11.3 - search.php Cross-Site Scripting

PowerPortal 1.11.3 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16255/info GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitat...

Ubuntu 4.10 / 5.04 : mozilla vulnerabilities (USN-155-1)

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious website to spoof the contents of other websites. CAN-2005-1937 It was discovered that a malicious website could injec...

Web Host Automation Ltd. Helm 3.2.8 - 'ForgotPassword.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16234/info Helm is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

[eVuln] Foxrum BBCode XSS Vulnerabilty

New eVuln Advisory: Foxrum BBCode XSS Vulnerabilty --------------------Summary---------------- Software: Foxrum Sowtware's Web Site: http://www.foxrum.fr.st/ Versions: 4.0.4f Critical Level: Harmless Type: Cross-Site Scripting Class: Remote Status: Unpatched Exploit: Available Solution: Available...

EV0014.txt

New eVuln Advisory: TinyPHPForum Multiple Vulnerabilities --------------------Summary---------------- Software: TinyPHPForum Sowtware's Web Site: http://www.ralpharama.co.uk/tpf/ Versions: 3.6 and earlier Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...

[eVuln] TinyPHPForum Multiple Vulnerabilities

New eVuln Advisory: TinyPHPForum Multiple Vulnerabilities --------------------Summary---------------- Software: TinyPHPForum Sowtware's Web Site: http://www.ralpharama.co.uk/tpf/ Versions: 3.6 and earlier Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched...

phpDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting

source: https://www.securityfocus.com/bid/16101/info phpDocumentor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities

Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16094/info Kayako SupportSuite is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may...

httprint 202.0 - HTTP Response Server Field Arbitrary Script Injection

source: https://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second issue may allow remote attackers to crash an instance of the application...

Commercial Interactive Media SCOOP! 2.3 - articleZone.asp?Invalid Cross-Site Scripting

Commercial Interactive Media SCOOP! 2.3 - articleZone.asp?Invalid Cross-Site Scripting source: https://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to proper...