4774 matches found
INFINICART search.asp search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit ...
FreePBX 2.5.2 admin/config.php tech Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/37482/info FreePBX is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content...
Grandora Rialto 1.6 printmain.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
XRMS 1.99.2 - activities/some.php title Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31008/info XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because...
Bitweaver 1.3.1 Articles and Blogs Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22169/info Bitweaver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
PHPBB 2.0.6 URL BBCode HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8570/info phpBB BBCode has been reported prone to an HTML injection vulnerability. It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulletin boar...
XOOPS 2.2.5 register.php Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26835/info XOOPS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Insanely Simple Blog 0.4/0.5 index.php current_subsection Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize...
Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23878/info RoboHelp is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Messageriescripthp 2.0 lire-avis.php aa Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21513/info Messageriescripthp is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
iPlanet Web Server 4.1 Search Module Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21977/info iPlanet Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
Maximus SchoolMAX 4.0.1 Error_msg Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18563/info Maximus SchoolMAX is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input before displaying it to users of the application. An attacker may leverage this issue to have...
PHP Linkliste 1.0 Linkliste.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17828/info PHP Linkliste is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...
RMSOFT Gallery System 2.0 Images.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20676/info RMSOFT Gallery System is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
Inside Systems Mail 2.0 Error.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21424/info Inside Systems Mail is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
Usenet 0.5 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18662/info Usenet is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Vt-Forum Lite 1.3 vf_info.asp StrMes Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21428/info Vt-Forum Lite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...
Connect Daily 3.2.8/3.2.9 ViewCal.html item_type_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17287/info Connect Daily is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...
tinyserver 1.1 - Directory Traversal
No description provided by source. source: http://www.securityfocus.com/bid/9485/info TinyServer is prone to multiple vulnerabilities. A directory traversal issue is present in TinyServer that could allow a remote user to view or download any file to which the server has access. A denial of servi...
SunGard Banner Student 7.3 'add1' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...