HTB22890: XSS in Rating-Widget wordpress plugin
Vulnerability ID: HTB22890 Reference: http://www.htbridge.ch/advisory/xssinratingwidgetwordpressplugin1.html Product: Rating-Widget wordpress plugin Vendor: Vova Feldman http://rating-widget.com/ Vulnerable Version: 1.3.1 Vendor Notification: 03 March 2011 Vulnerability Type: XSS Cross Site...
LotusCMS 3.0.3 - Multiple Vulnerabilities
Vulnerability ID: HTB22886 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinlotuscms.html Product: LotusCMS Vendor: Arboroia Network http://www.lotuscms.org/ Vulnerable Version: 3.0.3 and probably prior versions Vendor Notification: 01 March 2011 Vulnerability Type: CSRF Cross-Site Request...
HP Power Manager Unspecified Cross Site Scripting Vulnerability
The HP Power Manager is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Nagios 'layer' Parameter XSS Vulnerabilities
Nagios is prone to a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied input.
Wikiwig 5.01 - Cross-Site Scripting HTML Injection
source: https://www.securityfocus.com/bid/46888/info Wikiwig is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated...
WordPress Plugin Lazyest Gallery 1.0.26 - image Cross-Site Scripting
source: https://www.securityfocus.com/bid/46823/info The Lazyest Gallery WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
HTB22880: XSS vulnerability in CosmoShop
Vulnerability ID: HTB22880 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop1.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...
HTB22878: XSS vulnerability in CosmoShop
Vulnerability ID: HTB22878 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections
source: https://www.securityfocus.com/bid/46828/info CosmoShop is prone to multiple cross-site scripting vulnerabilities and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...
PhotoSmash 1.0.1 Cross Site Scripting
Vulnerability ID: HTB22867 Reference: http://www.htbridge.ch/advisory/xssinphotosmashwordpressplugin.html Product: PhotoSmash wordpress plugin Vendor: Byron Bennett http://smashly.net/ Vulnerable Version: 1.0.1 Vendor Notification: 22 February 2011 Vulnerability Type: XSS Cross Site Scripting...
WordPress Plugin 1 Flash Gallery 0.2.5 - Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/46783/info 1 Flash Gallery is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify...
Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46794/info RuubikCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46782/info The PhotoSmash Galleries WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Kodak InSite 5.5.2 - TroubleshootingDiagnosticReport.asp?HeaderWarning Cross-Site Scripting
source: https://www.securityfocus.com/bid/46762/info Kodak InSite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may levera...
Kodak InSite 5.5.2 - Pageslogin.aspx?Language Cross-Site Scripting
source: https://www.securityfocus.com/bid/46762/info Kodak InSite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...
Kodak InSite 5.5.2 - '/Troubleshooting/DiagnosticReport.asp?HeaderWarning' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46762/info Kodak InSite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...
phpWebSite 'local' Parameter Cross Site Scripting Vulnerability
phpWebSite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...
Lms Web Ensino - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/46829/info LMS Web Ensino is prone to the following input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities 2. An SQL-injection vulnerability 3. A cross-site...
Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/46671/info Support Incident Tracker (SiT!) is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker ma...
xtcModified 1.05 - Multiple HTML Injection Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/46681/info xtcModified is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful...