Lantern CMS - 11-login.asp Cross-Site Scripting

Lantern CMS - 11-login.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/43865/info Lantern CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Backbone Technology Expression 18.9.2010 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/43910/info Backbone Technology Expression is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execut...

SurgeMail SurgeWeb Cross Site Scripting Vulnerability

SurgeMail is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

Elxis 2009.2 rev2631 - SQL Injection

Elxis 2009.2 rev2631 - SQL Injection source: https://www.securityfocus.com/bid/43743/info Elxis is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow ...

Elxis 2009.2 rev2631 - SQL Injection

source: https://www.securityfocus.com/bid/43743/info Elxis is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based...

Surgemail SurgeWeb 4.3e - Cross-Site Scripting

Surgemail SurgeWeb 4.3e - Cross-Site Scripting source: https://www.securityfocus.com/bid/43679/info SurgeMail is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Zen Cart Multiple Input Validation Vulnerabilities

Zen Cart is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and HTML- injection issues. Exploiting these issues can allow attacker-supplied HTML and script code to run ...

Surgemail SurgeWeb 4.3e - Cross-Site Scripting

source: https://www.securityfocus.com/bid/43679/info SurgeMail is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Docebo 3.6 - 'description' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43721/info Docebo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Tiki Wiki CMS Groupware 5.2 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/43507/info Tiki Wiki CMS Groupware is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...

MODX <= 2.0.2 Multiple Vulnerabilities - Active Check

MODX is prone to a local file include LFI vulnerability and a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Flock Browser Malformed Bookmark Cross site scripting Vulnerability

This host is installed with Flock browser and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodflockxsswin.nasl 5394 2017-02-22 09:22:42Z teissa $ Flock Browser Malformed Bookmark Cross site scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 201...

Pluck CMS 4.6.3 - cont1 HTML Injection

Pluck CMS 4.6.3 - cont1 HTML Injection source: https://www.securityfocus.com/bid/43597/info Pluck is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplie...

Getsimple CMS 2.01 - &#039;changedata.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/43593/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Flock Browser Malformed Bookmark Cross site scripting Vulnerability

Flock browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Micro CMS 1.0 - name HTML Injection (1)

Micro CMS 1.0 - name HTML Injection 1 source: https://www.securityfocus.com/bid/43556/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...

PHPMyFAQ 2.6.x - index.php Cross-Site Scripting

PHPMyFAQ 2.6.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43560/info phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHPMyFAQ 2.6.x - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/43560/info phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

Micro CMS 1.0 - &#039;name&#039; HTML Injection (1)

source: https://www.securityfocus.com/bid/43556/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in th...

Horde IMP Webmail 4.3.7 - &#039;fetchmailprefs.php&#039; HTML Injection

source: https://www.securityfocus.com/bid/43515/info Horde IMP Webmail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data before it is used in dynamic content. Attacker-supplied HTML or JavaScript code could run in the context of the affected...