Eclipse BIRT 2.2.1 - run?__report Cross-Site Scripting

Eclipse BIRT 2.2.1 - run?report Cross-Site Scripting source: https://www.securityfocus.com/bid/36674/info Eclipse BIRT Business Intelligence and Reporting Tools is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage thi...

Dream Poll 3.1 - '/index.php' Cross-Site Scripting / SQL Injection

source: https://www.securityfocus.com/bid/36663/info Dream Poll is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modi...

Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/36661/info Achievo is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...

Achievo 1.x - Multiple Cross-Site Scripting HTML Injection Vulnerabilities

Achievo 1.x - Multiple Cross-Site Scripting HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/36661/info Achievo is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML...

OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting

source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting

OpenSolution Quick.Cart - Local File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attack...

e-Courier CMS - 'UserGUID' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/41970/info e-Courier CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

e-Courier CMS - UserGUID Multiple Cross-Site Scripting Vulnerabilities

e-Courier CMS - UserGUID Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41970/info e-Courier CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)

This host has Microsoft DNS Devolution and is prone to Third-Level Domain Name Resolving Weakness. OpenVAS Vulnerability Test $Id: secpodmsdnsdevolutionresolvingweakness.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness 971888 Authors...

Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection

source: https://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...

Juniper Junos 8.59.0 J - Web Interface PATH_INFO Cross-Site Scripting

Juniper Junos 8.59.0 J - Web Interface PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Junip...

Vastal I-Tech DVD Zone - view_mag.php Cross-Site Scripting

Vastal I-Tech DVD Zone - viewmag.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...

PaoLink 1.0 - 'scrivi.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42420/info PaoLink is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

PaoBacheca 2.1 - 'scrivi.php' URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36413/info Mega File Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...

PaoBacheca 2.1 - index.php URI Cross-Site Scripting

PaoBacheca 2.1 - index.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scrip...