4774 matches found
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...
VMware View 3.1.x - URL Processing Cross-Site Scripting
source: https://www.securityfocus.com/bid/39949/info VMware View is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
Acuity CMS 2.6.2 Cross Site Scripting
Vulnerability ID: HTB22352 Reference: http://www.htbridge.ch/advisory/xssinacuitycms.html Product: Acuity CMS asp version Vendor: The Collective Vulnerable Version: 2.6.2 ASP and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...
osCommerce Local File Include and HTML Injection Vulnerabilities
osCommerce is prone to a local file-include vulnerability and an HTML- injection vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to execute local files within the context of t...
Mango Blog 1.4.1 - '/archives.cfm/search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39864/info Mango Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Microsoft SharePoint Server 2007 - Cross-Site Scripting
Microsoft SharePoint Server 2007 - Cross-Site Scripting Vulnerability ID: HTB22350 Reference: http://www.htbridge.ch/advisory/xssinmicrosoftsharepointserver2007.html http://www.microsoft.com/technet/security/advisory/983438.mspx Product: Microsoft SharePoint Server 2007 Vendor: Microsoft...
Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39771/info Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Apache ActiveMQ 5.3 - adminqueueBrowse Cross-Site Scripting
Apache ActiveMQ 5.3 - adminqueueBrowse Cross-Site Scripting source: https://www.securityfocus.com/bid/39771/info Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
SmartBlog 1.3 - SQL Injection Cross-Site Scripting
SmartBlog 1.3 - SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/39756/info SmartBlog is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these vulnerabilities coul...
ProArcadeScript - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Kasseler CMS 2.0.5 - index.php Cross-Site Scripting
Kasseler CMS 2.0.5 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/39703/info Kasseler CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39703/info Kasseler CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
PowerEasy 2006 - ComeUrl Cross-Site Scripting
PowerEasy 2006 - ComeUrl Cross-Site Scripting source: https://www.securityfocus.com/bid/39696/info PowerEasy is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39597/info Two-Step External Link module for vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Ziggurat Farsi CMS - id Cross-Site Scripting
Ziggurat Farsi CMS - id Cross-Site Scripting source: https://www.securityfocus.com/bid/39311/info Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code ...
Ziggurat Farsi CMS - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39311/info Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Axon Virtual PBX 2.13 Multiple Remote Vulnerabilities
NCH Software Axon virtual PBX is prone to multiple remote vulnerabilities, including: - A cross-site scripting vulnerability. - A cross-site request forgery vulnerability. - An arbitrary file deletion vulnerability. - A directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG...
Blog System 1.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and cross-site-scripting issues. Exploiting these...