7610 matches found
EveryAuction 1.53 - Auction.pl Cross-Site Scripting
source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an unsuspecting user in the context of t...
PHP JackKnife 2.21 - Cross-Site Scripting
source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
EveryAuction 1.53 - Auction.pl Cross-Site Scripting
EveryAuction 1.53 - Auction.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the...
Magic Book Professional 2.0 - Book.cfm Cross-Site Scripting
Magic Book Professional 2.0 - Book.cfm Cross-Site Scripting source: https://www.securityfocus.com/bid/15805/info Magic Book Professional is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
CF_Nuke 4.6 - 'index.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15778/info CFNuke is prone to multiple cross-site scripting vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...
CVE-2005-4061
Cross-site scripting XSS vulnerability in PASearch.asp in XcPhotoAlbum 1.x allows remote attackers to inject arbitrary web script or HTML via the search parameters...
Thwboard Beta 2.8 - 'misc.php?userid' SQL Injection
source: https://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of user-supplied input. A remote...
IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting
IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15734/info ASPKnowledgeBase is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting
DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15731/info DuPortalPro is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...
Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15705/info Easy Search System is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the...
SiteBeater News 4.0 - Archive.asp Cross-Site Scripting
SiteBeater News 4.0 - Archive.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15697/info SiteBeater News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...
ASPS Shopping Cart Lite 2.1Professional 2.9 d - bsearch.asp?b_search Cross-Site Scripting
ASPS Shopping Cart Lite 2.1Professional 2.9 d - bsearch.asp?bsearch Cross-Site Scripting source: https://www.securityfocus.com/bid/15694/info ASPS Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...
phpMyChat0146.txt
phpMyChat Multiple XSS vulnerabilities. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use multi-room chat based on PHP and a database, supporting MySQL, PostgreSQL, and ODBC. II. DESCRIPTION phpMyChat 0.14.6 startpage.css.php, style.css.php, userspopupL.php are prone to Cross-site...
Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting
source: https://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
PHPMyChat 0.14.6 - 'style.css.php?medium' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
PHPMyChat 0.14.6 - start_page.css.php?medium Cross-Site Scripting
PHPMyChat 0.14.6 - startpage.css.php?medium Cross-Site Scripting source: https://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues t...
CVE-2005-3544
Cross-site scripting XSS vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2003-1278
Cross-site scripting vulnerability XSS in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags...
CVE-2003-1277
CVE-2003-1277 describes cross-site scripting (XSS) in YaBB 1.5.0. The vulnerability allows remote attackers to execute arbitrary scripts as other users and potentially steal authentication information via cookies by injecting HTML/script into (1) news_icon of news_template.php and (2) threadid an...
CVE-2003-1277
Cross-site scripting XSS vulnerabilities in Yet Another Bulletin Board YaBB 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into 1 newsicon of newstemplate.php, and 2 threadid a...