ImageVue 1.7 - upload.php?path Cross-Site Scripting

ImageVue 1.7 - upload.php?path Cross-Site Scripting source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/28148/info Neptune Web Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

ImageVue 1.7 - 'upload.php?path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

ImageVue 1.7 - 'dir2.php?path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

ImageVue 1.7 - 'popup.php?path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting Vulnerability

Podcast Generator 0.96.2 'setpermissions.php' Cross-Site Scripting Vulnerability. CVE-2008-1212. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28106/info Podcast Generator is prone to a cross-site scripting vulnerability because it fails to adequately sanitize...

MG2 - 'list' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28098/info MG2 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Flyspray 0.9.9 - Information DisclosureHTML Injection Cross-Site Scripting

Flyspray 0.9.9 - Information DisclosureHTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/28076/info Flyspray is prone to an information-disclosure issue, an HTML-injection issue, and multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

TorrentTrader 1.08 - 'msg' HTML Injection

source: https://www.securityfocus.com/bid/28082/info TorrentTrader is prone to an HTML-injection vulnerability because it fails to adequately sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to...

Flicks Software AuthentiX 6.3b1 - Username Multiple Cross-Site Scripting Vulnerabilities

Flicks Software AuthentiX 6.3b1 - Username Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28040/info Flicks Software AuthentiX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker...

Flicks Software AuthentiX 6.3b1 - 'Username' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/28040/info Flicks Software AuthentiX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Alkacon OpenCMS 7.0.3 - tree_files.jsp Cross-Site Scripting

Alkacon OpenCMS 7.0.3 - treefiles.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/27986/info Alkacon OpenCms is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injecti...

Plume CMS 1.2.2 - '/manager/xmedia.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27999/info Plume CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Comments.asp?FC' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

IBM Lotus Quickr QuickPlace Server 8.0 - Calendar 'Count' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27925/info IBM Lotus Quickr is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'ClassList.asp?Term' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'GradebookStuScores.asp?GrdBk' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...