4774 matches found
WordPress Plugin FeedList 2.61.01 - handler_image.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/44704/info The FeedList Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage thi...
pfSense - 'pkg.php?xml' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
pfSense - 'status_graph.php?if' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/44704/info The FeedList Plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Angel Learning Management System 7.3 - pdaview.asp Cross-Site Scripting
source: https://www.securityfocus.com/bid/44689/info Angel Learning Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage th...
pfSense 2 Beta 4 - graph.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/44738/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
Webmedia Explorer 6.13.1 Cross Site Scripting
Vulnerability ID: HTB22661 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinwebmediaexplorer.html Product: Webmedia Explorer Vendor: Marc Salmurri http://www.webmediaexplorer.com/ Vulnerable Version: 6.13.1 and probably prior versions Vendor Notification: 19 October 2010...
XSS vulnerability in Kandidat CMS
Vulnerability ID: HTB22649 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinkandidatcms1.html Product: Kandidat CMS Vendor: Kan-Studio http://www.kan-studio.ru/ Vulnerable Version: 1.4.2 and probably prior versions Vendor Notification: 19 October 2010 Vulnerability Type: XSS Cross Sit...
Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/44565/info Elastix is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/44587/info The cformsII plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/44591/info CMS WebManager-Pro is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modi...
openEngine Local File Include Vulnerability
openEngine is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...
eoCMS <= 0.9.04 LFI Vulnerability
eoCMS is prone to multiple input-validation vulnerabilities, including: - HTML injection - SQL injection - Multiple local file include LFI Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, exploit...
BlogBird Cross Site Scripting
Vulnerability ID: HTB22646 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinblogbird.html Product: BlogBird Vendor: BlogBird http://www.blogbird.nl/ Vulnerable Version: Current actual version on http://www.blogbird.nl/ Vendor Notification: 13...
IBM Tivoli Access Manager for E-Business - ibmwpmrule?method Cross-Site Scripting
source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...
Simple Directory Listing 2.1 - SDL2.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/42359/info Simple Directory Listing is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
IBM Tivoli Access Manager for E-Business - ibmwpmgso?method Cross-Site Scripting
source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...
IBM Tivoli Access Manager for E-Business - ibmwpmdomain?method Cross-Site Scripting
source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...
W-Agora 4.2.1 - search.php3?bn Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/44370/info w-Agora is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the...
Sawmill Multiple Security Vulnerabilities
Sawmill is prone to multiple security vulnerabilities, including unauthorized-access, security-bypass, and cross-site-scripting issues.