4774 matches found
myBloggie 2.1 index.php year Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13507/info myBloggie is affected by multiple vulnerabilities. An attacker may leverage these issues to carry out cross-site scripting, HTML injection and SQL injection attacks against the affected application. This may...
DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
No description provided by source. Exploit Title : DFLabs PTK <= 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012...
GNU MyProxy 20030629 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9846/info It has been reported that GNU MyProxy may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...
IntranetApp 3.3 content.asp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16010/info IntranetApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
WordPress 1.2.1/1.2.2 link-categories.php cat_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11984/info WordPress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site...
Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...
Sitekit CMS 6.6 Default.aspx Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16016/info Sitekit CMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
Yogurt Social Network 3.2 rc1 Module for XOOPS scrapbook.php uid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30618/info Yogurt Social Network is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
LXR 0.9.x Cross Referencer Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37612/info LXR Cross Referencer is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script cod...
Hogstorps Guestbook 2.0 Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18205/info Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can exploit this issue to delete a...
ScareCrow 2.13 profile.cgi user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15915/info ScareCrow is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
b2evolution 1.8.2/1.9 _410_stats_gone.page.php app_name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...
MF Piadas 1.0 Admin.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18676/info MF Piadas is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of ...
Jax PHP Scripts 1.0/1.34/2.14/3.31 jnl_records User Database Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
Faq-O-Matic 2.6/2.7 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4023/info FAQ-O-Matic is a freely available, open-source FAQ (Frequently Asked Questions) manager. It is intended to run on Linux and Unix variants. FAQ-O-Matic does not sufficiently filter script code from URL parameters. ...
PHP JackKnife 2.21 (PHPJK) UserArea/Authenticate.php sUName Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...
Ruby on Rails 1.2.3 To_JSON - Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24161/info Ruby on Rails is prone to a script-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied script code...
Learn.com Learncenter.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19781/info Learn.com learncenter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
NeoMail NeoMail.PL SessionID Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17728/info NeoMail is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
D-Link Airspot DSA-3100 Gateway Login_error.SHTML Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18168/info The D-Link Airspot DSA-3100 Gateway device is prone to a cross-site scripting vulnerability. This issue is due to a failure to properly sanitize user-supplied input. An attacker may leverage this issue to have...