4774 matches found
PivotX 2.2 - '/pivotx/includes/blogroll.php?color' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
WordPress Plugin Featured Content 0.0.1 - listid Cross-Site Scripting
source: https://www.securityfocus.com/bid/46001/info The Featured Content plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...
PivotX 2.2 - '/pivotx/includes/blogroll.php?color' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin Feature Slideshow 1.0.6 - src Cross-Site Scripting
source: https://www.securityfocus.com/bid/46004/info The Feature Slideshow Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...
WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - tbpv_username Cross-Site Scripting
source: https://www.securityfocus.com/bid/46006/info The Powerhouse Museum Collection Image Grid Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly...
WordPress Plugin Uploader 1.0 - num Cross-Site Scripting
source: https://www.securityfocus.com/bid/45984/info The Uploader Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...
WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46007/info The oQey-Gallery plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WordPress Plugin RSS Feed Reader 0.1 - rss_url Cross-Site Scripting
source: https://www.securityfocus.com/bid/45997/info The RSS Feed Reader WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
WordPress Plugin WP Featured Post with Thumbnail 3.0 - src Cross-Site Scripting
source: https://www.securityfocus.com/bid/45998/info The WP Featured Post with Thumbnail Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input...
WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45997/info The RSS Feed Reader WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45991/info The Audio plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)
source: https://www.securityfocus.com/bid/45819/info CompactCMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied script code may be executed...
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)
source: https://www.securityfocus.com/bid/45819/info CompactCMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied script code may be executed in the context of the affected site, potentially allowing the...
Joostina 1.3 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45732/info Joostina is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
XSRF (CSRF) in PHP MicroCMS
Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: CSRF Cross-Site Request Forger...
OpenEMR <= 3.2.0 Multiple Input Validation Vulnerabilities
OpenEMR is prone to SQL injection (SQLi), HTML injection, and cross-site scripting (XSS) vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
Joomla! 1.0.x - ordering Cross-Site Scripting
source: https://www.securityfocus.com/bid/45679/info The Joomla! Search component is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Lexmark X651de - Printer Ready Message Value HTML Injection
source: https://www.securityfocus.com/bid/45688/info Lexmark Printer X651de is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successfu...
Appweb Web Server Cross Site Scripting Vulnerability
Appweb is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal...
Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45600/info Coppermine Photo Gallery is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...