Comdev eCommerce 3.0 - 'config.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14478/info Comdev eCommerce is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an...

Jax PHP Scripts 1.01.342.143.31 - jax_newsletter.php?language Cross-Site Scripting

Jax PHP Scripts 1.01.342.143.31 - jaxnewsletter.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize...

Jax PHP Scripts 1.0/1.34/2.14/3.31 - 'sign_in.php?language' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script...

Jax PHP Scripts 1.01.342.143.31 - jax_calendar.php Multiple Cross-Site Scripting Vulnerabilities

Jax PHP Scripts 1.01.342.143.31 - jaxcalendar.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly...

Jax PHP Scripts 1.01.342.143.31 - sign_in.php?language Cross-Site Scripting

Jax PHP Scripts 1.01.342.143.31 - signin.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied...

Fusebox 4.1 - index.cfm Cross-Site Scripting

Fusebox 4.1 - index.cfm Cross-Site Scripting source: https://www.securityfocus.com/bid/14460/info Fusebox is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Web Content Management - 'list.php?strTable' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14464/info Web content management is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary scri...

Easypx41 - Multiple Cross-Site Scripting Vulnerabilities

Easypx41 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14416/info Easypx41 is prone to cross-site scripting vulnerabilities. An attacker may leverage these issue to have arbitrary script code executed in the browser of an unsuspecting user in the contex...

Easypx41 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14416/info Easypx41 is prone to cross-site scripting vulnerabilities. An attacker may leverage these issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of...

@Mail 4.04.13 - Multiple Cross-Site Scripting Vulnerabilities

@Mail 4.04.13 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14408/info @Mail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

USN-155-1: Mozilla vulnerabilities

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. CAN-2005-1937 It was discovered that a malicious website could...

Clever Copy 2.0 - results.php Cross-Site Scripting

Clever Copy 2.0 - results.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14395/info Clever Copy is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...

BMForum 3.0 - 'topic.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code execute...

SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection

SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection source: https://www.securityfocus.com/bid/14385/info WebInspect is vulnerable to a cross-application script injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied data prior...

SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection

source: https://www.securityfocus.com/bid/14385/info WebInspect is vulnerable to a cross-application script injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied data prior to including it in content rendered in an Internet Explorer COM...

Asn Guestbook 1.5 - 'footer.php?version' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting

Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting source: https://www.securityfocus.com/bid/14343/info A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output ...

JVN#60776919 tDiary cross-site request forgery vulnerability

Impact If a user loads a malicious web page, an attacker could alter or delete the diary text or alter tDiary configurations. In addition, a remote attacker could execute an arbitrary script or command on the web server running tDiary with privileges of the tDiary user. Solution Products Affected...

CVE-2004-2279

Cross-site scripting XSS vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php...

CVE-2004-2261

CVE-2004-2261 is an XSS vulnerability in the e107 content management system. The issue allows remote attackers to inject arbitrary script or HTML via the login name/author field in the News Submit or Article Submit functions. The connected sources confirm the vulnerability details but do not prov...