bcoos 1.0.10 modules/mylinks/ratelink.php lid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. These...

Rapid Classified 3.1 advsearch.asp dosearch Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

PhpGedView 2.5/2.6 Calendar.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11907/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

E-Php B2B Trading Marketplace Script Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33551/info E-Php B2B Trading Marketplace Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

BBSXP 5.13 'error.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33411/info BBSXP is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

The Rat CMS viewarticle.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...

YaBB 1.40/1.41 Login Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login attempts. As ...

ATutor 1.5.x admin/fix_content.php submit Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18857/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

WordPress WP-FeedStats 2.1 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...

VWar 1.x war.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...

pMachine Pro 2.4.1 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27282/info pMachine Pro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...

iSupport 1.8 ticket_function.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37380/info iDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary...

Chimera Web Portal 0.2 linkcategory.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16113/info Chimera Web Portal is prone to multiple input validation vulnerabilities. The issues include cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to...

Microsoft Internet Explorer 5/6 MSXML XML File Parsing Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7938/info A vulnerability has been reported for the Microsoft Internet Explorer that may result in cross-site scripting attacks. If IE, using the MSXML parser, is unable to parse the requested XML file, it will display a...

OpenEMR 2.8.2 Login_Frame.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22348/info OpenEMR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

glFusion 1.1 Anonymous Comment 'username' Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33683/info glFusion is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...

ATutor 1.4.3 tile.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

Chucky A. Ivey N.T. 1.1 Index.PHP Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17387/info N.T. is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scrip...

e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...