4774 matches found
Event Calender PHP - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/54455/info Event Calender PHP is prone to multiple input validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based authentication credentials, compromise the application, acce...
Low: Red Hat Security Advisory: jbosscache security update
An update for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Phonalisa - Multiple HTML Injection Cross-Site Scripting Vulnerabilities
Phonalisa - Multiple HTML Injection Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54401/info Phonalisa is prone to multiple HTML-injection, cross-site-scripting, and arbitrary code-execution vulnerabilities because the application fails to sufficiently sanitize...
Authentication Capture: MSSQL
This module provides a fake MSSQL service that is designed to capture authentication credentials. The modules supports both the weak encoded database logins as well as Windows logins NTLM. This module requires Metasploit: https://metasploit.com/download Current source:...
Kajona - getAllPassedParams() Multiple Cross-Site Scripting Vulnerabilities
Kajona - getAllPassedParams Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54391/info Kajona is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...
Flogr - tag Multiple Cross-Site Scripting Vulnerabilities
Flogr - tag Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54354/info Flogr is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
WordPress Plugin church_admin - id Cross-Site Scripting
WordPress Plugin churchadmin - id Cross-Site Scripting source: https://www.securityfocus.com/bid/54329/info The churchadmin plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execu...
WordPress Plugin church_admin - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54329/info The churchadmin plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting
source: https://www.securityfocus.com/bid/54330/info Knews Multilingual Newsletters for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54320/info SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54332/info PHPFreeChat is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
PHP MBB - Cross-Site Scripting SQL Injection
PHP MBB - Cross-Site Scripting SQL Injection source: https://www.securityfocus.com/bid/54271/info php MBB is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...
PHP MBB - Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/54271/info php MBB is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,...
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/54235/info TEMENOS T24 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
CMS Lokomedia - Multiple Cross-Site Scripting HTML Injection Vulnerabilities
CMS Lokomedia - Multiple Cross-Site Scripting HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54150/info CMS Lokomedia is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploi...
CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/54150/info CMS Lokomedia is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of...
Adiscan LogAnalyzer 3.4.3 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/54117/info Adiscan LogAnalyzer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Commentics - index.php Cross-Site Scripting
Commentics - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/54111/info Commentics is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
CMS Balitbang - Multiple HTML Injection Cross-Site Scripting Vulnerabilities
CMS Balitbang - Multiple HTML Injection Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54084/info CMS Balitbang is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will...
MediaWiki 1.x - uselang Cross-Site Scripting
MediaWiki 1.x - uselang Cross-Site Scripting source: https://www.securityfocus.com/bid/53998/info MediaWiki is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...