Phorum 5.2 versioncheck.php upgrade_available Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

AzDGDatingLite 2.1.1 view.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10084/info Multiple cross-site scripting vulnerabilities have been reported in AzDGDatingLite. These issues may be exploited by enticing a victim user to visit a malicious link that includes hostile HTML and script code...

LinksCaffe 3.0 links.php newdays Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...

Jinzora 2.7.5 slim.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

efiction 1.0/1.1/2.0 titles.php let Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15568/info eFiction is prone to SQL injection, remote file upload, and cross site scripting vulnerabilities. These vulnerabilities may allow an attacker to view and modify sensitive information, gain unauthorized access,...

Simplog 0.9.3 ImageList.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17653/info Simplog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

WebEvent <= 4.03 Webevent.CGI Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25148/info WebEvent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Indexu 5.0/5.3 user_detail.php u Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Ultimate Bulletin Board 5.4/6.0/6.2 Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3829/info UBB Ultimate Bulletin Board is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000. UBB is prone to cross-agent scriptin...

Owl Intranet Engine 0.95 'register.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

McGallery 1.0/1.1/2.2 show.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15845/info mcGallery PRO is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...

Grayscale BandSite CMS 1.1 shows_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

The Rat CMS viewarticle.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13382/info A remote SQL-injection vulnerability affects MetaCart2 because the application fails to properly sanitize user-supplied input before including it in SQL queries. An attacker may exploit this issue to manipulate...

InstantASP 4.1 Logon.aspx SessionID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22052/info InstantForum.NET is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

Snitz Forums 2000 3.0/3.1/3.3 Image Tag Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4192/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz Forums 2000 allows users to include images in forum messages using image tags, with the following syntax:...

phpArcadeScript 2.0 browse.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...

VerliAdmin 0.3 'index.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34845/info VerliAdmin is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

New-CMS 1.08 Multiple Local File Include and HTML-Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include...

McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10617/info Cart32 is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can exploit this issue by creating a...