Blogsa 1.0 - Widgets.aspx Cross-Site Scripting

Blogsa 1.0 - Widgets.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/33957/info Blogsa is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities

Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...

Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33957/info Blogsa is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities

Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/33931/info Irokez Blog is prone to multiple input-validation vulnerabilities: - A cross-site scripting issue - An SQL-injection issue - Multiple remote file-include issues Exploiting these...

Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/33931/info Irokez Blog is prone to multiple input-validation vulnerabilities: - A cross-site scripting issue - An SQL-injection issue - Multiple remote file-include issues Exploiting these issues could allow an attacker to steal cookie-based authenticatio...

IBM Websphere Application Server 6.17.0 - Administrative Console Cross-Site Scripting

IBM Websphere Application Server 6.17.0 - Administrative Console Cross-Site Scripting source: https://www.securityfocus.com/bid/34001/info IBM WebSphere Application Server WAS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker m...

Magento 1.2 - appcodecoreMageAdminModelSession.php?login[Username] Cross-Site Scripting

Magento 1.2 - appcodecoreMageAdminModelSession.php?loginUsername Cross-Site Scripting source: https://www.securityfocus.com/bid/33872/info Magento is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and...

Magento 1.2 - '/app/code/core/Mage/Admin/Model/Session.php?login['Username']' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33872/info Magento is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...

Magento 1.2 - 'downloader/index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33872/info Magento is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...

FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting

FotoWeb 6.0 - Grid.fwx?search Cross-Site Scripting source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the...

Novell QuickFinder Server - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/33708/info Novell QuickFinder Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

BBSXP 5.13 - error.asp Cross-Site Scripting

BBSXP 5.13 - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/33411/info BBSXP is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...

OBLOG - err.asp Cross-Site Scripting

OBLOG - err.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/33416/info OBLOG is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

OBLOG - 'err.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33416/info OBLOG is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

BBSXP 5.13 - 'error.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33411/info BBSXP is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

MoinMoin 1.8 - AttachFile.py Cross-Site Scripting

MoinMoin 1.8 - AttachFile.py Cross-Site Scripting source: https://www.securityfocus.com/bid/33365/info MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code...

Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'swr.jsp?q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Apache JackRabbit 1.4/1.5 Content Repository (JCR) - 'search.jsp?q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Blog Manager - 'categoryId' Cross-Site Scripting

source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...

Active Bids - search Cross-Site Scripting

Active Bids - search Cross-Site Scripting source: https://www.securityfocus.com/bid/33306/info Active Auction House and Active Auction Pro are prone to SQL-injection and cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied data. Exploiting these issues cou...