Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Dojo Toolkit <= 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser...

Joomla! Letterman Subscriber Module 1.2.4 Mod_Lettermansubscribe.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24479/info The Joomla! Letterman Subscriber module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

HP Operations Manager Default Manager 8.1 Account Remote Security Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36253/info HP Operations Manager is prone to a remote security vulnerability. Operations Manager 8.1 for Windows is vulnerable; other versions may also be vulnerable. NOTE: This issue may be related to the issue documente...

Indexu 5.0/5.3 send_pwd.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Active Bids search.asp search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues could allow...

Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSUserCGI.exe Help Facility XSS

No description provided by source. source: http://www.securityfocus.com/bid/28222/info Cisco User-Changeable Password UCP is prone to multiple remote vulnerabilities, including cross-site scripting and buffer-overflow vulnerabilities. Exploiting the cross-site scripting issues may help the attack...

UseModWiki 1.0 Wiki.PL Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11924/info It is reported that UseModWiki is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input before outputting it in Web...

Confixx 3.0/3.1 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17984/info Confixx is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Limbo CMS 1.0.4 'com_option' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27027/info Limbo CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

webSPELL 4.1.2 calendar.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...

LANDesk Management Gateway 4.x Multiple Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38119/info LANDesk Management Gateway is prone to a cross-site request-forgery vulnerability and a cross-site scripting vulnerability. An attacker can exploit the cross-site request forgery issue to alter the settings on...

DCP-Portal 3.7/4.x/5.x contents.php cid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11338/info DCP-Portal is reported prone to multiple cross-site scripting vulnerabilities. It is reported that DCP-Portal does not sufficiently filter URI parameters supplied to several scripts. Because of this deficiency,...

b2evolution 1.8.2/1.9 _410_stats_gone.page.php app_name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

PhpGedView 2.5/2.6 Imageview.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11890/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

ScareCrow 2.13 profile.cgi user Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Faq-O-Matic 2.6/2.7 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4023/info FAQ-O-Matic is a freely available, open-source FAQ Frequently Asked Questions manager. It is intended to run on Linux and Unix variants. FAQ-O-Matic does not sufficiently filter script code from URL parameters. ...

MF Piadas 1.0 Admin.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18676/info MF Piadas is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of ...

LightBlog <= 5 Add_Comment.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24741/info LightBlog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

VMware ESX 2.x Multiple Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19249/info VMware ESX is prone to multiple information-disclosure vulnerabilities. These issues are due to a design error in the application. The following issues were reported: 1. An information disclosure vulnerability...