WordPress SimpleMail Plugin 1.0.6 - Stored XSS

WordPress SimpleMail plugin is prone to a stored XSS vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based authentication...

Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/54812/info Worksforweb iAuto is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the contex...

Open Constructor - datafileedit.php?result Cross-Site Scripting

Open Constructor - datafileedit.php?result Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...

Open Constructor - usersusers.php?keyword Cross-Site Scripting

Open Constructor - usersusers.php?keyword Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...

Open Constructor - 'confirm.php?q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based...

Elefant CMS - id Cross-Site Scripting

Elefant CMS - id Cross-Site Scripting source: https://www.securityfocus.com/bid/54805/info Elefant CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Elefant CMS - 'id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/54805/info Elefant CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Mahara 1.4.1 - Multiple Cross-Site Scripting HTML Injection Vulnerabilities

Mahara 1.4.1 - Multiple Cross-Site Scripting HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54776/info Mahara is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied text. Successfu...

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities

Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...

Scientific Linux Security Update : NetworkManager on SL5.x i386/x86_64

CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed A missing network certificate verification flaw was found in NetworkManager. If a user created a WPA Enterprise or 802.1x...

Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities

Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54757/info Distimo Monitor is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities

DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/54733/info DataWatch Monarch Business Intelligence is prone to multiple input validation vulnerabilities. Successful exploits will allow an attacker to manipulate the XPat...

DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/54733/info DataWatch Monarch Business Intelligence is prone to multiple input validation vulnerabilities. Successful exploits will allow an attacker to manipulate the XPath query logic to carry out unauthorized actions on the XML documents of the...

Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities

Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54725/info Scrutinizer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Zenoss 3.2.1 - (Authenticated) Remote Command Execution

Zenoss 3.2.1 - Authenticated Remote Command Execution source: https://www.securityfocus.com/bid/54793/info Zenoss is prone to the following security vulnerabilities: 1. Multiple arbitrary command-execution vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. An open-redirection...

CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

REDAXO 'subpage' Parameter Cross Site Scripting Vulnerability

REDAXO 'subpage' Parameter Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/54670/info REDAXO is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issu...

Barracuda SSL VPN - launchAgent.do?return-To Cross-Site Scripting

Barracuda SSL VPN - launchAgent.do?return-To Cross-Site Scripting source: https://www.securityfocus.com/bid/54593/info Barracuda SSL VPN 680 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues t...

Barracuda SSL VPN - fileSystem.do Multiple Cross-Site Scripting Vulnerabilities

Barracuda SSL VPN - fileSystem.do Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54593/info Barracuda SSL VPN 680 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage...

Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities

Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54456/info Simple Machines is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content...