Jinzora 2.7.5 - ajax_request.php Multiple Cross-Site Scripting Vulnerabilities

Jinzora 2.7.5 - ajaxrequest.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may...

Jinzora 2.7.5 - popup.php Multiple Cross-Site Scripting Vulnerabilities

Jinzora 2.7.5 - popup.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage...

Jinzora 2.7.5 - 'slim.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Jinzora 2.7.5 - 'ajax_request.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27857/info ProjectPier is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27852/info RunCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27813/info Sophos Email Appliance is prone to multiple cross-site scripting vulnerabilities that affect its web interface because it fails to properly sanitize...

Dokeos 1.8.4 - whoisonline.php?id SQL Injection

Dokeos 1.8.4 - whoisonline.php?id SQL Injection source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue...

Dokeos 1.8.4 - maincalendarmyagenda.php?courseCode Cross-Site Scripting

Dokeos 1.8.4 - maincalendarmyagenda.php?courseCode Cross-Site Scripting source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one...

Dokeos 1.8.4 - 'main/inc/lib/events.lib.inc.php' Referer HTTP Header SQL Injection

source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...

Dokeos 1.8.4 - 'whoisonline.php?id' SQL Injection

source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can exploit these issues to execute...

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27813/info Sophos Email Appliance is prone to multiple cross-site scripting vulnerabilities that affect its web interface because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage...

JSPWiki 2.4.104 / 2.5.139 Multiple Remote Vulnerabilities

Exploit for jsp platform in category web applications ========================================================= JSPWiki 2.4.104 / 2.5.139 Multiple Remote Vulnerabilities ========================================================= JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki –...

PK-Designs PKs Movie Database 3.0.3 - '/index.php' SQL Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/27713/info PKs Movie Database is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...

S9Y Serendipity Freetag-plugin 2.95 - 'style' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27697/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials and to laun...

Calimero.CMS 3.3 - 'id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27690/info Calimero.CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...

Pagetool 1.07 - search_term Cross-Site Scripting

Pagetool 1.07 - searchterm Cross-Site Scripting source: https://www.securityfocus.com/bid/27653/info Pagetool is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

MyNews 1.6.x - 'hash' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27652/info MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...

HispaH YouTube Clone - load_message.php Cross-Site Scripting

HispaH YouTube Clone - loadmessage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27598/info HispaH Youtube Clone is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

AstroSoft HelpDesk - operatorarticlearticle_attachment.asp?Attach_Id Cross-Site Scripting

AstroSoft HelpDesk - operatorarticlearticleattachment.asp?AttachId Cross-Site Scripting source: https://www.securityfocus.com/bid/27610/info AstroSoft HelpDesk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...