11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
11in1 is prone to a cross-site request-forgery and a local file include vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and open or run...
Tube Ace - 'q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52046/info Tube Ace is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Zimbra - view Cross-Site Scripting
source: https://www.securityfocus.com/bid/51974/info Zimbra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Powie pFile 1.02 - '/pfile/kommentar.php?filecat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51982/info pfile is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credential...
Zimbra - 'view' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51974/info Zimbra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Low: Red Hat Security Advisory: jbosscache security update
An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/51964/info LxCenter Kloxo is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
RabbitWiki - title Cross-Site Scripting
source: https://www.securityfocus.com/bid/51971/info RabbitWiki is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browse...
ProWiki - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51987/info ProWiki is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/51964/info LxCenter Kloxo is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
ManageEngine ADManager Plus 5.2 Build 5210 - 'Operation' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51893/info ManageEngine ADManager Plus is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
Low: Red Hat Security Advisory: Red Hat Network Proxy spacewalk-backend security and bug fix update
Updated spacewalk-backend packages that fix one security issue are now available for Red Hat Network Proxy 5.4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
project-open 3.4.x - account-closed.tcl Cross-Site Scripting
source: https://www.securityfocus.com/bid/51842/info project-open is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...
project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51842/info project-open is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Joomla! Component Currency Converter 1.0.0 - from Cross-Site Scripting
source: https://www.securityfocus.com/bid/51804/info The Currency Converter component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51799/info GForge is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal...
iknSupport 'search' Module - Cross-Site Scripting
source: https://www.securityfocus.com/bid/51803/info iknSupport is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
WordPress Plugin Slideshow Gallery 1.1.x - border Cross-Site Scripting
source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this iss...
WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51678/info Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
WordPress Plugin YouSayToo auto-publishing 1.0 - submit Cross-Site Scripting
source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...