Phorum 5.2 - 'versioncheck.php?upgrade_available' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch other...

MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities

MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

LinPHA 1.3.2/1.3.3 login.php XSS

LinPHA 1.3.2/1.3.3 login.php XSS. CVE-2008-6571. Webapps exploit for php platform source: http://www.securityfocus.com/bid/34500/info LinPHA is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Attackers can leverage these...

Cisco Subscriber Edge Services Manager - Cross-Site Scripting HTML Injection

Cisco Subscriber Edge Services Manager - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/34454/info Cisco Subscriber Edge Services Manager is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize...

IBM Bladecenter Advanced Management Module 1.42 - Login 'Username' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34447/info IBM BladeCenter Advanced Management Module is prone to the following remote vulnerabilities: - An HTML-injection vulnerability - A cross-site scripting vulnerability - An information-disclosure vulnerability - Multiple cross-site request-forger...

Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities

Xplode is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify...

Asbru Web Content Management 6.56.6.9 - SQL Injection Cross-Site Scripting

Asbru Web Content Management 6.56.6.9 - SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/34349/info Asbru Web Content Management is prone to multiple SQL-injection vulnerabilities and a cross-site scripting vulnerability because it fails to sufficiently sanitize...

Sun Java System Calendar Server 6 - command.shtml Cross-Site Scripting

Sun Java System Calendar Server 6 - command.shtml Cross-Site Scripting source: https://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this...

Turnkey eBook Store 1.1 - 'keywords' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...

Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities

Pixie CMS is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modif...

Pixie CMS Multiple Vulnerabilities (Mar 2009) - Active Check

Pixie CMS is prone to an SQL injection SQLi vulnerability and a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

Sun Java System Messenger Express 6.3-0.15 - 'error' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34140/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

ejabberd -- cross-site scripting vulnerability

SecurityFocus reports: The ejabberd application is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials...

Multiple EditeurScripts Products 'msg' Parameter Cross Site Scripting Vulnerability

Multiple EditeurScripts products are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

RevSense SQL Injection and Cross Site Scripting Vulnerabilities

RevSense is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify...

Woltlab Burning Board <= 3.0.5 Multiple Input Validation Vulnerabilities - Active Check

Woltlab Burning Board is prone to multiple input-validation vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Butterfly Organizer Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

Butterfly Organizer is prone to multiple cross-site scripting and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application...

UMI CMS 2.7 - &#039;fields_filter&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/34018/info UMI CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Opera < 9.64 Multiple Vulnerabilities

Binary data 4945.prm...

Novaboard 1.0 - HTML Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/33968/info NovaBoard is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the browser of an...