CoolPHP Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18124/info CoolPHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

IBM Rational ClearCase 7/8 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32574/info IBM Rational ClearCase is prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code ...

tinyserver 1.1 - Directory Traversal

No description provided by source. source: http://www.securityfocus.com/bid/9485/info TinyServer is prone to multiple vulnerabilities. A directory traversal issue is present in TinyServer that could allow a remote user to view or download any file to which the server has access. A denial of servi...

BoardPower Forum ICQ.CGI Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10734/info BoardPower Forum is reportedly affected by a cross-site scripting vulnerability in the icq.cgi script. This issue is due to a failure of the application to properly sanitize user-supplied URI input. A remote...

PhpGedView 2.61 Search Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9369/info PhpGedView is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to this script that include hostile HTML and script code. If such a link was followed by a victim user, th...

TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10359/info It has been reported that TurboTrafficTrader C does not properly sanitize input received from users. It has been conjectured that this may allow a remote user to launch cross-site scripting and HTML injection...

XMB 1.9.3 U2U.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15342/info XMB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Ades Design AdesGuestbook 2.0 Read Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16090/info Ades Design AdesGuestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

MusicBox 2.3 cart.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly saniti...

Grayscale BandSite CMS 1.1 header.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

Deerfield VisNetic WebSite 3.5.13 .1 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6369/info A vulnerability has been discovered in VisNetic Website when generating a 404 page for a non-existent resources. The issue is due to insufficient sanitization of the HTTP 'referer' header. It is possible to caus...

SunGard Banner Student 7.3 'add1' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...

ProjectPier 0.8 Multiple HTML Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27857/info ProjectPier is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...

PK-Designs PKs Movie Database 3.0.3 'index.php' SQL Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27713/info PKs Movie Database is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could...

MyServer 0.8 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13578/info myServer is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

DCP-Portal 3.7/4.x/5.x announcement.php cid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11338/info DCP-Portal is reported prone to multiple cross-site scripting vulnerabilities. It is reported that DCP-Portal does not sufficiently filter URI parameters supplied to several scripts. Because of this deficiency,...

PluggedOut CMS 0.4.8 admin.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/14426/info PluggedOut CMS is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data...

.netCART Settings.XML Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8210/info .netCART is a web based e-commerce and shopping cart site designed for ASP.NET. It has been alleged that .netCART fails to adequately protect the contents of a directory in a default install. It is therefore...

Novell Teaming 1.0 User Enumeration Weakness and Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration weakness to enumerate valid usernames and then perfor...