Fork CMS 3.x - '/backend/modules/error/actions/index.php?parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52236/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...

Endian Firewall 2.4 - dansguardian.cgi?addrule Cross-Site Scripting

Endian Firewall 2.4 - dansguardian.cgi?addrule Cross-Site Scripting source: https://www.securityfocus.com/bid/52076/info Endian Firewall is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Endian Firewall 2.4 - dnat.cgi?createrule Cross-Site Scripting

Endian Firewall 2.4 - dnat.cgi?createrule Cross-Site Scripting source: https://www.securityfocus.com/bid/52076/info Endian Firewall is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attack...

Endian Firewall 2.4 - 'dansguardian.cgi?addrule' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52076/info Endian Firewall is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal...

Endian Firewall 2.4 - 'openvpn_users.cgi?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52076/info Endian Firewall is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal...

Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities

Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52170/info Webglimpse is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

Webglimpse 2.x - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52170/info Webglimpse is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal...

DFLabs PTK 1.0.5 Cross Site Request Forgery

+---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012 Author : Ivano Binetti...

pfile <= 1.02 Multiple Vulnerabilities - Active Check

pfile is prone to a cross-site scripting XSS vulnerability and an SQL injection SQLi vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Oxwall 1.1.1 - plugin Cross-Site Scripting

Oxwall 1.1.1 - plugin Cross-Site Scripting source: https://www.securityfocus.com/bid/52125/info Oxwall is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of...

DFLabs PTK <= 1.0.5 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials...

DFLabs PTK 1.0.5 - Steal Authentication Credentials

+---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012 Author : Ivano Binetti...

Oxwall 1.1.1 - &#039;plugin&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52125/info Oxwall is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Chyrp 2.1.2 - &#039;/includes/error.php?body&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52117/info Chyrp is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal...

Xavi 7968 ADSL Router - Multiple Cross-Site Request Forgery Vulnerabilities

source: https://www.securityfocus.com/bid/52098/info Xavi 7968 ADSL Router is prone to cross-site scripting, HTML-injection and cross-site request forgery vulnerabilities. The attacker can exploit the issues to execute arbitrary script code in the context of the vulnerable site, potentially...

F*EX 2010020820111129-2 - Multiple Cross-Site Scripting Vulnerabilities

FEX 2010020820111129-2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52085/info FEX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker t...

F*EX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52085/info FEX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-base...

JaWiki - versionNo Cross-Site Scripting

JaWiki - versionNo Cross-Site Scripting source: https://www.securityfocus.com/bid/52060/info JaWiki is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

swDesk Multiple Input Validation Vulnerabilities

swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the context of the affected site,...

Tube Ace - q Cross-Site Scripting

Tube Ace - q Cross-Site Scripting source: https://www.securityfocus.com/bid/52046/info Tube Ace is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...