NPDS 4.8 /5.0 reviews.php title Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15737/info NetAuctionHelp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

ScareCrow 2.13 forum.cgi forum Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Hosting Controller 1.x Error.ASP Cross-site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18933/info Hosting Controller is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary...

Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing

No description provided by source. source: http://www.securityfocus.com/bid/23574/info Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...

Rapid Classified 3.1 viewad.asp id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

fuzzylime (cms) 3.0 'usercheck.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31306/info fuzzylime cms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting...

NOCC 1.0 filter_prefs.php html_filter_select Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...

PunBB 1.3 'viewtopic.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37930/info PunBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

myBloggie 2.1.2/2.1.3 delcomment.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

OSTicket 1.2/1.3 - Multiple Input Validation and Remote Code Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13478/info osTicket is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Reportedly the application permits the inclusion...

ADP Forum 2.0.x Subject Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17047/info ADP Forum is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code wou...

MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17823/info MyNews is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

phpwebnews 0.1 iklan.php m_txt Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23448/info The 'phpwebnews' package is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...

Enthrallweb eHomes result.asp Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21193/info eHome is prone to multiple input-validation vulnerabilities, including cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploi...

IT!CMS 0.2 menu-ed.php wndtitle Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues...

InstantASP 4.1 Members1.aspx Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22052/info InstantForum.NET is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

MegaBBS 1.5.14b 'upload.asp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27368/info MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Tunez 1.21 search.php searchFor Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15548/info Tunez is prone to multiple input validation vulnerabilities. The application is affected by an SQL injection vulnerability and a cross-site scripting issue. Successful exploitation of the SQL injection issue...

MKPortal 1.x Multiple Modules Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/36216/info Multiple modules of MKPortal are prone to cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...