PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection

source: https://www.securityfocus.com/bid/41929/info Twonky Server is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...

PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection

PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/41929/info Twonky Server is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input...

TFTgallery 0.13 - 'album' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36833/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

OpenDocMan 1.2.5 - 'index.php?last_message' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...

OpenDocMan 1.2.5 - 'user.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...

OpenDocMan 1.2.5 - 'category.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...

OpenDocMan 1.2.5 - view_file.php Cross-Site Scripting

OpenDocMan 1.2.5 - viewfile.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

OpenDocMan 1.2.5 - profile.php Cross-Site Scripting

OpenDocMan 1.2.5 - profile.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

OpenDocMan 1.2.5 - toBePublished.php Multiple Cross-Site Scripting Vulnerabilities

OpenDocMan 1.2.5 - toBePublished.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied...

Snitz Forums 2000 Cross Site Scripting and HTML Injection Vulnerabilities

Snitz Forums 2000 is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal...

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/42430/info Amiro.CMS is prone to multiple input-validation vulnerabilities including multiple cross-site scripting issues, an HTML-injection issue, and an information-disclosure issue. An attacker may leverage the issues to execute arbitrary script code i...

TBmnetCMS 1.0 - Cross-Site Scripting

TBmnetCMS 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/36733/info TBmnetCMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Skybluecanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44225/info SkyBlueCanvas is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

Snitz Forums 2000 3.4.7 - 'pop_send_to_friend.asp?url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36710/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the...

IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelpadvancedworkingSet.jsp?Operation Cross-Site Scripting

IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelpadvancedworkingSet.jsp?Operation Cross-Site Scripting source: https://www.securityfocus.com/bid/36721/info IBM Rational RequisitePro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44225/info SkyBlueCanvas is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting

Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting source: https://www.securityfocus.com/bid/36710/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data...

Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/36672/info Pentaho BI is prone to multiple cross-site scripting and information-disclosure vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...

Zainu 1.0 - 'searchSongKeyword' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36701/info Zainu is prone to a cross-site scripting vulnerability in the Contact module because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

FreeSchool - key_words Cross-Site Scripting

FreeSchool - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/42513/info FreeSchool is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...