ProArcadeScript 'search.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of...

TextfileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17029/info The 'textfileBB' application is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...

Advanced Guestbook 2.4.2 Picture.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23873/info Advanced Guestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...

ACS Blog 0.8/0.9/1.0/1.1 Search.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12836/info ACS Blog is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

QwikiWiki 1.4 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16874/info QwikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow...

Blog System 1.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and...

Snipe Gallery 3.1.4 image.php image_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15844/info Snipe Gallery is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...

Acme thttpd 1.9/2.0.x CGI Test Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If thi...

FlatNuke 2.5.6 USR Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14704/info FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

OSCommerce 2.1/2.2 Error_Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7151/info It has been reported that osCommerce does not sufficiently filter URI parameters supplied to multiple osCommerce scripts. As a result of this deficiency, it is possible for a remote attacker to create a maliciou...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

EsContacts 1.0 - login.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

MMGallery 1.55 Thumbs.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21281/info The mmgallery script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

IBM Websphere Edge Server 3.6/4.0 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6000/info A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server. It has been reported that the Caching Proxy is vulnerable to cross site scripting attacks. Due to...

Claroline <= 1.8.3 $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24742/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

PHD Help Desk 1.43 caso_insert.php URL Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...

ARISg 5.0 'wflogin.jsp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38441/info ARISg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Tiny Portal 1.0 - 'shouts' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...