GlassFish Enterprise Server 2.1 - Admin Console configurationauditModuleEdit.jsf?name Cross-Site Scripting

GlassFish Enterprise Server 2.1 - Admin Console configurationauditModuleEdit.jsf?name Cross-Site Scripting source: https://www.securityfocus.com/bid/34824/info GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize...

VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/34845/info VerliAdmin is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

GlassFish Enterprise Server 2.1 - Admin Console /customMBeans/customMBeans.jsf URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/34824/info GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potential...

Axigen Mail Server HTML Injection Vulnerability

Axigen Mail Server is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication...

Atmail WebMail <= 5.6.1 (5.61) webadmin/admin.php Multiple Parameter XSS

The version of Atmail WebMail running on the remote host is vulnerable to multiple cross-site scripting issues. 'webadmin/admin.php' fails to sanitize input to the 'func' parameter, and to the 'type' parameter when 'func' is set to 'stats'. This is known to affect version 5.6.1 5.61 and may affec...

Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to determine path information or to...

Flat Calendar 1.1 - &#039;add.php&#039; HTML Injection

source: https://www.securityfocus.com/bid/34688/info Flat Calendar is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker t...

SAP cFolders - Cross-Site Scripting / HTML Injection

source: https://www.securityfocus.com/bid/34658/info SAP cFolders is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...

Online Contact Manager 3.0 - email.php?id Cross-Site Scripting

Online Contact Manager 3.0 - email.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues ...

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...

Online Contact Manager 3.0 - delete.php?id Cross-Site Scripting

Online Contact Manager 3.0 - delete.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues...

Online Contact Manager 3.0 - &#039;view.php?id&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Online Contact Manager 3.0 - &#039;edit.php?id&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Online Photo Pro 2.0 - &#039;section&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/34625/info Online Photo Pro is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...

Online Contact Manager 3.0 - &#039;email.php?id&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting

Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple...

Phorum 5.2 - adminbadwords.php?curr Cross-Site Scripting

Phorum 5.2 - adminbadwords.php?curr Cross-Site Scripting source: https://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal...

Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)

Apache Geronimo 2.1.x - Cross-Site Request Forgery Multiple Admin Function source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability -...

Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)

source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - A cross-site request-forgery...

Phorum 5.2 - &#039;/admin/users.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch other...