Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27335/info Clever Copy is prone to multiple input-validation vulnerabilities, including two SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacke...

PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27268/info PHP Running Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Moodle 1.8.3 - install.php Cross-Site Scripting

Moodle 1.8.3 - install.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27259/info Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

simple-xss.txt

HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...

Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27218/info Joomla-SMF Forum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

IceWarp Mail Server 9.1.1 - '/admin/index.html' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27189/info IceWarp Mail Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

snitz-multi.txt

HSC Snitz Forums Multiple Vulnerabilities Snitz Forums Default Database installation allows remote users to download the database which contains critical information. As a result, an attacker exploiting this vulnerability will be able to obtain detailed information. An attacker may leverage xss...

Microsoft Expression Media Plaintext Password Storage Weakness

CVE-2007-5470 Microsoft Expression Media is prone to a weakness because passwords are stored in plain-text format. This issue stems from a design error in the catalog password-protection feature. Attackers could use this issue in conjunction with other vulnerabilities in a host to gain access to...

WordPress 2.2.3 - wp-adminpage-new.php?popuptitle Cross-Site Scripting

WordPress 2.2.3 - wp-adminpage-new.php?popuptitle Cross-Site Scripting source: https://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...

Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27138/info Rotabanner Local is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

WordPress Core 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

WordPress Core 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

ExpressionEngine 1.2.1 - HTTP Response Splitting Cross-Site Scripting

ExpressionEngine 1.2.1 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/27128/info ExpressionEngine is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An...

MilliScripts - dir.php Cross-Site Scripting

MilliScripts - dir.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

LiveCart 1.0.1 - return Cross-Site Scripting (1)

LiveCart 1.0.1 - return Cross-Site Scripting 1 source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

LiveCart 1.0.1 - 'return' Cross-Site Scripting (2)

source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

LiveCart 1.0.1 - 'email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

LiveCart 1.0.1 - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

LiveCart 1.0.1 - 'return' Cross-Site Scripting (1)

source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

MilliScripts - 'dir.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...