4774 matches found
gpEasy 2.3.3 - 'jsoncallback' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
ownCloud 3.0.0 - index.php?redirect_url Arbitrary Site Redirect
ownCloud 3.0.0 - index.php?redirecturl Arbitrary Site Redirect source: https://www.securityfocus.com/bid/53145/info ownCloud is prone to a URI open-redirection vulnerability, multiple cross-site scripting vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly...
XOOPS 2.5.4 - '/modules/pm/pmlite.php?to_userid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2012-0942
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials...
Buffer overflow
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials...
TeamPass 2.1.5 - login HTML Injection
TeamPass 2.1.5 - login HTML Injection source: https://www.securityfocus.com/bid/53038/info TeamPass is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially...
Acuity CMS 2.6.2 - Username Cross-Site Scripting
Acuity CMS 2.6.2 - Username Cross-Site Scripting source: https://www.securityfocus.com/bid/53048/info Acuity CMS is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
TeamPass 2.1.5 - 'login' HTML Injection
source: https://www.securityfocus.com/bid/53038/info TeamPass is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal...
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these...
WordPress All-in-One Event Calendar Plugin 1.4 - Multiple Parameter XSS
WordPress All-in-One Event Calendar plugin's /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php multiple parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browse...
BGS CMS 2.2.1 - Multiple Cross-Site Scripting HTML Injection Vulnerabilities
BGS CMS 2.2.1 - Multiple Cross-Site Scripting HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/52983/info BGS CMS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could...
WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting
WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...
WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52944/info Uploadify Integration plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplie...
osCMax 2.5 - adminnew_attributes_include.php Multiple Cross-Site Scripting Vulnerabilities
osCMax 2.5 - adminnewattributesinclude.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize...
osCMax 2.5 - adminstats_monthly_sales.php?status SQL Injection
osCMax 2.5 - adminstatsmonthlysales.php?status SQL Injection source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...
osCMax 2.5 - admininformation_manager.php?information_id Cross-Site Scripting
osCMax 2.5 - admininformationmanager.php?informationid Cross-Site Scripting source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied inpu...
osCMax 2.5 - '/admin/geo_zones.php?zID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
osCMax 2.5 - '/admin/login.php?Username' SQL Injection
source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...