Xt-News 0.1 show_news.php id_news Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit...

Caravel CMS 3.0 Beta 1 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15939/info Caravel CMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

DigitalHive 2.0 msg.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/12883/info DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to hav...

Grayscale BandSite CMS 1.1 login_header.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

Linksys Web Camera Software 2.10 Next_file Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The...

PhpGedView 2.5/2.6 Source.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11888/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

OpenDB 1.0.6 user_profile.php redirect_url Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30989/info Open Media Collectors Database OpenDb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

OpenDB 1.0.6 user_admin.php user_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30989/info Open Media Collectors Database OpenDb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

Bloo 1.00 Googlespell_Proxy.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21130/info Bloo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24682/info Linksys Wireless-G ADSL Gateway is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing...

Active Calendar 1.2 data/m_2.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Private Message System 2.x index.php Page Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9308/info Private Message System is prone to a cross-site scripting vulnerability. This issue may be exploited by creating a malicious link to a site hosting the software with hostile HTML and script code embedded in URI...

vBulletin 3.6.10/3.7.2 '$newpm[title]' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30777/info vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

SMF 1.1 Index.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22143/info SMF is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would execute i...

PHP Event Calendar 1.4/1.5 Index.PHP Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20001/info PHP Event Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...

ProjectApp 3.3 login.asp ret_page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16011/info ProjectApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

VideoGirls view.php p Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36168/info VideoGirls is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context...

Baby Katie Media VSReal and VScal 1.0 index.php lid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18350/info vsREAL and vSCAL are prone to multiple cross-site scripting vulnerabilities. These issues are due to the applications' failure to properly sanitize user-supplied input. An attacker may leverage these issues to...

Citrix NetScaler 8.0 build 47.8 Generic_API_Call.PL Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26491/info Citrix NetScaler is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...