4774 matches found
CruxCMS 3.0 - search.php Cross-Site Scripting
CruxCMS 3.0 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27588/info CruxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
AstroSoft HelpDesk - operatorarticlearticle_search_results.asp?txtSearch Cross-Site Scripting
AstroSoft HelpDesk - operatorarticlearticlesearchresults.asp?txtSearch Cross-Site Scripting source: https://www.securityfocus.com/bid/27610/info AstroSoft HelpDesk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
AstroSoft HelpDesk - '/operator/article/article_search_results.asp?txtSearch' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27610/info AstroSoft HelpDesk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...
ITechClassifieds - viewcat.php?CatID SQL Injection
ITechClassifieds - viewcat.php?CatID SQL Injection source: https://www.securityfocus.com/bid/27574/info iTechClassifieds is prone to an input-validation vulnerability that may be exploited as a cross-site scripting issue or an SQL-injection issue. This issue occurs because the application fails t...
ITechClassifieds - viewcat.php?CatID Cross-Site Scripting
ITechClassifieds - viewcat.php?CatID Cross-Site Scripting source: https://www.securityfocus.com/bid/27574/info iTechClassifieds is prone to an input-validation vulnerability that may be exploited as a cross-site scripting issue or an SQL-injection issue. This issue occurs because the application...
AmpJuke 0.7 - index.php Cross-Site Scripting
AmpJuke 0.7 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27498/info AmpJuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...
SunGard Banner Student 7.3 - add1 Cross-Site Scripting
SunGard Banner Student 7.3 - add1 Cross-Site Scripting source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...
AmpJuke 0.7 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27498/info AmpJuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
WebCalendar 1.1.6 - pref.php Cross-Site Scripting
WebCalendar 1.1.6 - pref.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically...
Fonality trixbox 2.4.2 - Cross-Site Scripting (1)
source: https://www.securityfocus.com/bid/27460/info The 'trixbox' product is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
WebCalendar 1.1.6 - 'pref.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Novemberborn sIFR 2.0.2/3 - 'txt' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27394/info Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27401/info DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
MegaBBS 1.5.14b - upload.asp Cross-Site Scripting
MegaBBS 1.5.14b - upload.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/27368/info MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27368/info MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27492/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
phpAutoVideo 2.21 - index.php?cat Cross-Site Scripting
phpAutoVideo 2.21 - index.php?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these...
phpAutoVideo 2.21 - sidebar.php?loadpage Remote File Inclusion
phpAutoVideo 2.21 - sidebar.php?loadpage Remote File Inclusion source: https://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploi...
Clever Copy 3.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities
Clever Copy 3.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27335/info Clever Copy is prone to multiple input-validation vulnerabilities, including two SQL-injection issues and a cross-site scripting issue, because it fails to...