SamTodo 1.1 - 'tid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

WyMIEN PHP 1.0 - index.php Cross-Site Scripting

WyMIEN PHP 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29551/info WyMIEN PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHP Address Book 3.1.5 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29560/info PHP Address Book is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...

CVE-2008-1033

The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information credentials by reading the log data, related to "authentication environment variables."...

DotNetNuke 4.8.3 - Default.aspx Cross-Site Scripting

DotNetNuke 4.8.3 - Default.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/29437/info DotNetNuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

xerox-xss.txt

XEROX DocuShare URL XSS Injection Vulnerabilities Xerox DocuShare is a flexible Web-based content management solution that brings greater productivity to every knowledge worker. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Xerox DocuShare 6 - dsdndswebSearchResults URI Cross-Site Scripting

Xerox DocuShare 6 - dsdndswebSearchResults URI Cross-Site Scripting source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the...

Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the...

Calcium 3.10/4.0.4 - 'Calcium40.pl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29411/info Calcium is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

Tr Script News 2.1 - 'news.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29388/info Tr Script News is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

Campus Bulletin Board 3.4 - post3book.asp?review SQL Injection

Campus Bulletin Board 3.4 - post3book.asp?review SQL Injection source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to sufficient...

Campus Bulletin Board 3.4 - post3view.asp?id SQL Injection

Campus Bulletin Board 3.4 - post3view.asp?id SQL Injection source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently...

Campus Bulletin Board 3.4 - post3book.asp?review Cross-Site Scripting

Campus Bulletin Board 3.4 - post3book.asp?review Cross-Site Scripting source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to...

miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29368/info miniCWB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Campus Bulletin Board 3.4 - '/post3/view.asp?id' SQL Injection

source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...

Campus Bulletin Board 3.4 - '/post3/book.asp?review' SQL Injection

source: https://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...

Horde Multiple Product - 'day.php?Timestamp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29365/info Horde Kronolith is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

PHPFreeForum 1.0 rc2 - error.php?message Cross-Site Scripting

PHPFreeForum 1.0 rc2 - error.php?message Cross-Site Scripting source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

PHPFreeForum 1.0 rc2 - partmenu.php Multiple Cross-Site Scripting Vulnerabilities

PHPFreeForum 1.0 rc2 - partmenu.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29337/info phpFreeForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage thes...