Acme thttpd 1.9/2.0.x CGI Test Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If thi...

FlatNuke 2.5.6 USR Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14704/info FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

OSCommerce 2.1/2.2 Error_Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7151/info It has been reported that osCommerce does not sufficiently filter URI parameters supplied to multiple osCommerce scripts. As a result of this deficiency, it is possible for a remote attacker to create a maliciou...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

EsContacts 1.0 - login.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

MMGallery 1.55 Thumbs.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21281/info The mmgallery script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

Claroline <= 1.8.3 $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24742/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

PHD Help Desk 1.43 caso_insert.php URL Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...

ARISg 5.0 'wflogin.jsp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38441/info ARISg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Tiny Portal 1.0 - 'shouts' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Mantis 0.x/1.0 View_filters_page.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15842/info Mantis is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13971/info Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

NPDS 4.8 /5.0 Modules.php Lettre Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

ExpressionEngine 1.6 Avtaar Name HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34193/info ExpressionEngine is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...

Php-Stats 0.1.9 .2 WhoIs.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHP iCalendar 1.1/2.x rss/index.php getdate Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

MyBB 1.0.1/1.0.2 Notepad UserCP.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16361/info MyBB is prone to an HTML-injection vulnerability. This issue is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...

JShop E-Commerce Suite 1.2 Product.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12403/info JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'product.php' script. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link...

PHPFreeNews 1.x Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14439/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue to have...