TIPS MailPost 5.1.1 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and scri...

OpenBB 1.0.x post.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...

Audins Audiens 3.3 system/index.php Cookie PHPSESSID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/22728/info Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input...

OneWorldStore OWListProduct.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

OneWorldStore OWContactUs.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

FreznoShop 1.2.3/1.3 Search Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9359/info FreznoShop is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to the software that include hostile HTML and script code. If such a link was followed by a victim user, t...

M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/7745/info P-Synch does not adequately filter HTML code from URL parameters, making it prone to cross-site scripting attacks. Code will be executed in the security context of the system running P-Synch. This may enable a...

SWsoft Plesk Reloaded 7.1 - Login_name Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11024/info It is reported that Plesk Reloaded may be affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permi...

ForumJBC 4.0 Haut.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19992/info ForumJBC is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverge this issue to have arbitrary script code execute in the browser of...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...

MG2 'list' Parameter - Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28098/info MG2 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Elite Forum 1.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15257/info Elite Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

OlateDownload 3.4 details.php page Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful explo...

Pilot Group eTraining lessons_login.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Chris LaPointe Download Center 1.2 - search_results Action search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28219/info Download Center is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in...

Macromedia ColdFusion MX 6.0 SQL Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8840/info It has been reported that Macromedia ColdFusion MX may be prone to a cross-site scripting vulnerability due to improper handling of error messages generated by the underlying database. This problem may be...

myBloggie 2.1 index.php year Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13507/info myBloggie is affected by multiple vulnerabilities. An attacker may leverage these issues to carry out cross-site scripting, HTML injection and SQL injection attacks against the affected application. This may...

DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)

No description provided by source. +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012...

GNU MyProxy 20030629 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9846/info It has been reported that GNU MyProxy may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...

IntranetApp 3.3 content.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16010/info IntranetApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...