6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/50050/info 6KBBS is prone to multiple cross-site scripting and information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive information and to execu...

Phorum 5.2.18 - adminindex.php Cross-Site Scripting

Phorum 5.2.18 - adminindex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Phorum 5.2.18 - '/admin/index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

WordPress Theme Morning Coffee 3.5 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49878/info The Morning Coffee theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Theme EvoLve 1.2.5 - 's' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49872/info The EvoLve theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/49864/info Bitweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Traq 2.2 - Multiple SQL Injections Cross-Site Scripting

Traq 2.2 - Multiple SQL Injections Cross-Site Scripting source: https://www.securityfocus.com/bid/49835/info Traq is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow...

WordPress Regular Subscriber Plugin 3.1.x - HTML Injection Vulnerability

WordPress Regular Subscriber plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal...

WordPress BuddyPress Plugin 1.2.10 - HTML Injection Vulnerability

BuddyPress plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal cookie-based authenticati...

AdaptCMS 2.0.1 - Cross-Site Scripting Information Disclosure

AdaptCMS 2.0.1 - Cross-Site Scripting Information Disclosure source: https://www.securityfocus.com/bid/49769/info AdaptCMS is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker m...

AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/49769/info AdaptCMS is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive...

WordPress Theme Trending 0.1 - cpage Cross-Site Scripting

WordPress Theme Trending 0.1 - cpage Cross-Site Scripting source: https://www.securityfocus.com/bid/49896/info The Trending theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...

WordPress Theme Hybrid 0.9 - cpage Cross-Site Scripting

WordPress Theme Hybrid 0.9 - cpage Cross-Site Scripting source: https://www.securityfocus.com/bid/49866/info The Hybrid theme for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

WordPress Theme F8 Lite 4.2.1 - s Cross-Site Scripting

WordPress Theme F8 Lite 4.2.1 - s Cross-Site Scripting source: https://www.securityfocus.com/bid/49867/info The F8 Lite theme for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

WordPress Theme Web Minimalist 1.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49874/info The Web Minimalist theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting

TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting source: https://www.securityfocus.com/bid/49746/info TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execu...

AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/49749/info AWStats is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

i-Gallery 3.4 - d Cross-Site Scripting

i-Gallery 3.4 - d Cross-Site Scripting source: https://www.securityfocus.com/bid/49712/info i-Gallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker could leverage this issue to execute arbitrary script code in the browser o...

i-Gallery 3.4 - 'd' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49712/info i-Gallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker could leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

CVE-2011-2925

Cumin in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker...