WordPress Audio Player Plugin - Cross Site Scripting
The WordPress Audio Player plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal cookie-based...
WordPress Plugin Audio Player - playerID Cross-Site Scripting
source: https://www.securityfocus.com/bid/57848/info The Audio Player plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue ...
WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/57848/info The Audio Player plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
RHEL 5 / 6 : spacewalk-backend (RHSA-2012:0101)
Updated spacewalk-backend packages that fix one security issue and two bugs are now available for Red Hat Network Satellite 5.4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
WordPress Plugin WP-Table Reloaded - id Cross-Site Scripting
source: https://www.securityfocus.com/bid/57664/info The WP-Table Reloaded plugin for WordPress is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
MantisBT CVE-2013-1934 HTML Injection Vulnerability
Description: MantisBT is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied data. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...
gpEasy CMS - 'section' Cross-Site Scripting
source: https://www.securityfocus.com/bid/57522/info gpEasy CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/57514/info Perforce P4Web is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Scripts Genie Classified Ultra - SQL Injection Cross-Site Scripting
source: https://www.securityfocus.com/bid/57465/info Classified Ultra is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting...
luci, ricci security update
CentOS Errata and Security Advisory CESA-2013:0128 Updated conga packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common...
TinyBrowser - edit.php Directory Listing
source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting...
Quick.CMS Quick.Cart - Cross-Site Scripting
source: https://www.securityfocus.com/bid/57254/info Quick.Cms and Quick.Cart are prone to a cross-site scripting vulnerability because they fail to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
TinyBrowser - 'edit.php' Directory Listing
source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Quick.CMS / Quick.Cart - Cross-Site Scripting
source: https://www.securityfocus.com/bid/57254/info Quick.Cms and Quick.Cart are prone to a cross-site scripting vulnerability because they fail to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Dell OpenManage Server Administrator - Cross-Site Scripting
source: https://www.securityfocus.com/bid/57212/info Dell OpenManage Server Administrator is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TinyBrowser - 'tinybrowser.php' Directory Listing
source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft System Center Operations Manager CVE-2013-0010 Cross Site Scripting Vulnerability
Description: Microsoft System Center Operations Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting
source: https://www.securityfocus.com/bid/57200/info The NextGEN Gallery plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Havalite CMS - 'comment' HTML Injection
source: https://www.securityfocus.com/bid/57169/info Havalite CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to...
Astaro Security Gateway 8.1 - HTML Injection
source: https://www.securityfocus.com/bid/51301/info Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...