4775 matches found
firmCHANNEL Indoor Outdoor Digital Signage 3.24 - Cross-Site Scripting
firmCHANNEL Indoor Outdoor Digital Signage 3.24 - Cross-Site Scripting source: https://www.securityfocus.com/bid/32107/info firmCHANNEL Indoor & Outdoor Digital SIGNAGE is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may...
Opera Web Browser 9.62 - History Search Input Validation
Opera Web Browser 9.62 - History Search Input Validation source: https://www.securityfocus.com/bid/32015/info Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature. Attacker-supplied HTML and script code would run in...
SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting
SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/31998/info SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI...
KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/31970/info Kmita Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
Dorsa CMS - 'Default_.aspx' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31992/info Dorsa CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
KKE Info Media Kmita Catalogue 2 - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31968/info Kmita Catalogue is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
iPeGuestbook 1.72.0 - pg Cross-Site Scripting
iPeGuestbook 1.72.0 - pg Cross-Site Scripting source: https://www.securityfocus.com/bid/31911/info iPei Guestbook is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script co...
Jetbox CMS 2.1 - liste Cross-Site Scripting
Jetbox CMS 2.1 - liste Cross-Site Scripting source: https://www.securityfocus.com/bid/31890/info Jetbox CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
Adam Wright HTMLTidy 0.5 - html-tidy-logic.php Cross-Site Scripting
Adam Wright HTMLTidy 0.5 - html-tidy-logic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31908/info Adam Wright HTMLTidy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Habari 0.5.1 - habari_username Cross-Site Scripting
Habari 0.5.1 - habariusername Cross-Site Scripting source: https://www.securityfocus.com/bid/31794/info Habari is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code ...
CVE-2008-4400
CVE-2008-4400 affects CA ARCserve Backup (BrightStor ARCserve Backup) r11.1–r12.0. The vulnerability is in asdbapi.dll and stems from insufficient validation of authentication credentials, allowing remote attackers to cause a denial of service by crashing multiple services. Remediation is availab...
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation source: https://www.securityfocus.com/bid/31764/info Elxis CMS is prone to multiple cross-site scripting and session-fixation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a...
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
source: https://www.securityfocus.com/bid/31764/info Elxis CMS is prone to multiple cross-site scripting and session-fixation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a session-fixation vulnerability. An attacker may leverage...
Proxim Tsunami MP.11 2411 Wireless Access Point - system.sysName.0 SNMP HTML Injection
Proxim Tsunami MP.11 2411 Wireless Access Point - system.sysName.0 SNMP HTML Injection source: https://www.securityfocus.com/bid/31666/info The Proxim Tsunami MP.11 2411 Wireless Access Point is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input...
Authentication Capture: Telnet
This module provides a fake Telnet service that is designed to capture authentication credentials. DONTs and WONTs are sent to the client for all option negotiations, except for ECHO at the time of the password prompt since the server controls that for a bit more realism. This module requires...
Dreamcost HostAdmin 3.1 - index.php Cross-Site Scripting
Dreamcost HostAdmin 3.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...
Dreamcost HostAdmin 3.1 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31525/info WikyBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/31525/info WikyBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
MySQL 5 - Command Line Client HTML Special Characters HTML Injection
source: https://www.securityfocus.com/bid/31486/info MySQL is prone to an HTML-injection vulnerability because the application's command-line client fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in...