Smart Survey 1.0 - surveyresults.asp Cross-Site Scripting

Smart Survey 1.0 - surveyresults.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/30841/info Smart Survey is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

MatterDaddy Market 1.1 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30848/info MatterDaddy Market is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/30827/info Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...

One-News - Multiple Input Validation Vulnerabilities

One-News - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/30804/info One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to...

One-News - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/30804/info One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data. Exploiting...

PicturesPro Photo Cart 3.9 - Search Cross-Site Scripting

source: https://www.securityfocus.com/bid/30798/info Photo Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities

TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30789/info TimeTrex is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...

TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/30789/info TimeTrex is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities

PunBB 1.2.x 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/31082/info PunBB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

vBulletin 3.6.103.7.2 - $newpm[title] Cross-Site Scripting

vBulletin 3.6.103.7.2 - $newpmtitle Cross-Site Scripting source: https://www.securityfocus.com/bid/30777/info vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Vanilla 1.1.4 - HTML Injection Cross-Site Scripting

Vanilla 1.1.4 - HTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/30748/info Vanilla is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these...

Ovidentia 6.6.5 - index.php Cross-Site Scripting

Ovidentia 6.6.5 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30735/info Ovidentia is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code...

Intrinsic Swimage Encore does not securely manage login credentials

Overview Intrinsic Swimage Encore has an unencrypted, hardcoded, default password that could allow an attacker access to protected data. Description Intrinsic Swimage Encore automates remote desktop, server, and device deployment. This product includes both a server and a client solution. The...

AWStats 6.8 - 'AWStats.pl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30730/info AWStats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Mambo Open Source 4.6.2 - mambotseditorsmostlyce PHPconnector.php?Query String Cross-Site Scripting

Mambo Open Source 4.6.2 - mambotseditorsmostlyce PHPconnector.php?Query String Cross-Site Scripting source: https://www.securityfocus.com/bid/30708/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

FlexCMS 2.5 - inc-core-admin-editor-previouscolorsjs.php Cross-Site Scripting

FlexCMS 2.5 - inc-core-admin-editor-previouscolorsjs.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30709/info FlexCMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue t...

Mambo Open Source 4.6.2 - administratorpopupsindex3pop.php?mosConfig_sitename Cross-Site Scripting

Mambo Open Source 4.6.2 - administratorpopupsindex3pop.php?mosConfigsitename Cross-Site Scripting source: https://www.securityfocus.com/bid/30708/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverag...

FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30709/info FlexCMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Nortel Networks SRG V16 - 'modules.php?module' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execute local script code in the contex...

Datafeed Studio 1.6.2 - search.php Cross-Site Scripting

Datafeed Studio 1.6.2 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30660/info Datafeed Studio is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrar...