4774 matches found
S9Y Serendipity 1.6.2 - serendipity_admin_image_selector.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/61138/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...
OpenEMR 4.1 - 'note' HTML Injection
source: https://www.securityfocus.com/bid/61154/info OpenEMR is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the...
Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting
source: https://www.securityfocus.com/bid/61156/info Corda .NET Redirector is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/61138/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Air Drive Plus - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/61081/info Air Drive Plus is prone to multiple input validation vulnerabilities including a local file-include vulnerability, an arbitrary file-upload vulnerability, and an HTML-injection vulnerability. An attacker can exploit these issues to upload...
IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities
According to its banner, the version of Lotus Domino on the remote host is 8.5.x earlier than 8.5.3 FP4. It is, therefore, affected by the following vulnerabilities: - An error exists related to the 'Autonomy KeyView' file parser that could allow arbitrary code execution. CVE-2012-6277 - A memor...
WordPress Plugin Xorbin Digital Flash Clock - widgetUrl Cross-Site Scripting
source: https://www.securityfocus.com/bid/60862/info The Xorbin Digital Flash Clock plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An...
WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/60862/info The Xorbin Digital Flash Clock plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...
Motion - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/60818/info Motion is prone to multiple security vulnerabilities including multiple buffer-overflow vulnerabilities, a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. An attacker may...
FtpLocate - HTML Injection
source: https://www.securityfocus.com/bid/60760/info FtpLocate is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the...
TaxiMonger for Android - 'name' HTML Injection
source: https://www.securityfocus.com/bid/60566/info TaxiMonger for Android is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser,...
Caucho Resin - index.php?logout Cross-Site Scripting
source: https://www.securityfocus.com/bid/60426/info Resin Professional is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Caucho Resin - 'index.php?logout' Cross-Site Scripting
source: https://www.securityfocus.com/bid/60426/info Resin Professional is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...
Telaen 2.7.x - Cross-Site Scripting
source: https://www.securityfocus.com/bid/60288/info Telaen is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Elastix - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/60262/info Elastix is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of...
WordPress ADIF Log Search Widget Plugin - Cross Site Scripting
WordPress ADIF Log Search Widget plugin's "logbooksearch.php" is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker c...
Matterdaddy Market - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/60150/info Matterdaddy Market is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary...
Matterdaddy Market - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/60150/info Matterdaddy Market is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script code, upload arbitrary files, steal...
Jojo CMS - 'search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/59933/info Jojo CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...
WordPress Securimage-WP Plugin - Cross Site Scripting
WordPress Securimage-WP plugin's "siwptest.php" is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal...