4774 matches found
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45356/info The 'com_mailto' component for Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
CMScout 2.09 - Cross-Site Request Forgery
Vulnerability ID: HTB22719 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincmscout.html Product: CMScout Vendor: CMScout Team http://www.cmscout.co.za/ Vulnerable Version: 2.09 and probably prior versions Vendor Notification: 25 November 2010...
Exponent CMS Multiple Input Validation Vulnerabilities
Exponent CMS is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, information-disclosure, arbitrary-file-upload, arbitrary-file-modify, and cross-site-scripting vulnerabilities...
WordPress Safe Search Plugin - Cross-Site Scripting Vulnerability
Safe Search "v1" parameter plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal cookie-based...
WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45294/info The Twitter Feed Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Zimplit CMS - 'English_manual_version_2.php?client' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45252/info Zimplit CMS is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DotNetNuke 5.5.1 - 'InstallWizard.aspx' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45180/info DotNetNuke is prone to a cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
Contenido CMS 4.8.12 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45160/info Contenido CMS is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
BugTracker.NET 3.4.4 - SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/45121/info BugTracker.NET is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities could allow an attacker to steal cookie-based...
Easy Banner 2009.05.18 - index.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45066/info Easy Banner Free is prone to multiple SQL-injection and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker m...
SimpLISTic SQL 2.0 - email.cgi Cross-Site Scripting
source: https://www.securityfocus.com/bid/45040/info SimpLISTic SQL is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
ZYXEL P-660R-T1 V2 - 'HomeCurrent_Date' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45027/info ZyXEL P-660R-T1 V2 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting us...
WonderCMS 'page' Parameter Cross Site Scripting And Information Disclosure Vulnerabilities
WonderCMS is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser...
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (1)
source: https://www.securityfocus.com/bid/44949/info CompactCMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied script code would execute in the context of the affected site, potentially allowing the attack...
Eclipse 3.6.1 - Help Server helpindex.jsp Cross-Site Scripting
source: https://www.securityfocus.com/bid/44883/info Eclipse IDE Help component is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues...
Eclipse 3.6.1 - Help Server helpadvancedcontent.jsp Cross-Site Scripting
source: https://www.securityfocus.com/bid/44883/info Eclipse IDE Help component is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage...
DServe - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/44881/info DServe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
IBM OmniFind - 'command' Cross-Site Scripting
source: https://www.securityfocus.com/bid/44940/info IBM OmniFind is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Ricoh Web Image Monitor 2.03 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/44772/info Ricoh Web Image Monitor is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...
pfSense - pkg_edit.php?id Cross-Site Scripting
source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...