4774 matches found
XSS vulnerability in Amethyst
Vulnerability ID: HTB22501 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst1.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor Notification: 22 July 2010...
Dataface 1.0 - 'admin.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42282/info Dataface is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Prado Portal 1.2 - 'page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42276/info Prado Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
Open Blog v1.2.1 CSRF Vulnerability
Exploit for php platform in category web applications =================================== Open Blog v1.2.1 CSRF Vulnerability =================================== Vulnerability ID: HTB22496 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenblog.html Product: Open Blog Vendor: Toma?? Muraus...
DiamondList - usermainupdate_category?category[description] Cross-Site Scripting
DiamondList - usermainupdatecategory?categorydescription Cross-Site Scripting source: https://www.securityfocus.com/bid/42252/info DiamondList is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before usin...
Muraus Open Blog - Multiple HTML Injection Vulnerabilities
Muraus Open Blog - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/42255/info Tomaž Muraus Open Blog is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generat...
Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42253/info Hulihan Applications Amethyst is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
DiamondList - '/user/main/update_settings?setting[site_title]' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42252/info DiamondList is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
DiamondList - '/user/main/update_category?category[description]' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42252/info DiamondList is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
Team Johnlong RaidenTunes 2.1.1 Remote Cross-Site Scripting Vulnerability
Summary RaidenTunes is a Web server based + application software that allows You to setup an online music server quickly. It can scan the music folders in Your PC and organize them into a database, allowing users to connect to this server and browser/search and listen to the music easily...
Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities
Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/42107/info Sourcefabric Campsite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...
SPIP 2.1 - 'var_login' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42060/info SPIP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Impact Software AdPeeps - Cross-Site Scripting HTML Injection
Impact Software AdPeeps - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/42071/info Impact Software Ad Peeps is prone to multiple cross-site scripting vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied inp...
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
source: https://www.securityfocus.com/bid/42071/info Impact Software Ad Peeps is prone to multiple cross-site scripting vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content...
Joomla! Component FreiChat 1.0/2.x - HTML Injection
source: https://www.securityfocus.com/bid/41961/info Joomla! FreiChat component is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script...
Pligg 'search.php' Cross Site Scripting Vulnerability
Pligg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Gekko Web Builder 0.90 ALPHA Cross Site Scripting
Vulnerability ID: HTB22474 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingekkowebbuilder.html Product: Gekko Web Builder Vendor: Baby Gekko IT Consulting http://www.babygekko.com/ Vulnerable Version: v0.90 ALPHA and Probably Prior Versions Vendor Notification: 01 July 2010...
Pligg 'search.php' Cross Site Scripting Vulnerability
Pligg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal...
XSS vulnerability in WebPress
Vulnerability ID: HTB22478 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...
XSS vulnerability in WebPress
Vulnerability ID: HTB22480 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress2.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...