Makale Scripti - Cross-Site Scripting

Makale Scripti - Cross-Site Scripting source: https://www.securityfocus.com/bid/27067/info Makale Scripti is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

OpenBiblio 0.x - theme_del_confirm.php?name Cross-Site Scripting

OpenBiblio 0.x - themedelconfirm.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting...

NetBizCity FaqMasterFlexPlus - faq.php Cross-Site Scripting

NetBizCity FaqMasterFlexPlus - faq.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27051/info FaqMasterFlexPlus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Limbo CMS 1.0.4 - com_option Cross-Site Scripting

Limbo CMS 1.0.4 - comoption Cross-Site Scripting source: https://www.securityfocus.com/bid/27027/info Limbo CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Limbo CMS 1.0.4 - 'com_option' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27027/info Limbo CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Logaholic - update.php?page SQL Injection

Logaholic - update.php?page SQL Injection source: https://www.securityfocus.com/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue. The issues occur because the...

Logaholic - index.php?conf Cross-Site Scripting

Logaholic - index.php?conf Cross-Site Scripting source: https://www.securityfocus.com/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue. The issues occur because the...

Logaholic - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue. The issues occur because the application fails to sufficiently sanitize...

Logaholic - 'update.php?page' SQL Injection

source: https://www.securityfocus.com/bid/27003/info Logaholic is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues, a cross-site scripting issue, and an HTML-injection issue. The issues occur because the application fails to sufficiently sanitize...

Dokeos 1.x - forumviewthread.php?forum Cross-Site Scripting

Dokeos 1.x - forumviewthread.php?forum Cross-Site Scripting source: https://www.securityfocus.com/bid/26992/info Dokeos is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

Dokeos 1.x - '/work/work.php?display_upload_form Action origin' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26992/info Dokeos is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Mambo 4.6.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/26922/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

MOJO IWms 7 - default.asp Cookie Manipulation

MOJO IWms 7 - default.asp Cookie Manipulation source: https://www.securityfocus.com/bid/41746/info MOJO IWMS is prone to a cookie-manipulation vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this vulnerability could allow an attacker to masquerade as another...

Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attack...

MOJO IWms 7 - 'default.asp' Cookie Manipulation

source: https://www.securityfocus.com/bid/41746/info MOJO IWMS is prone to a cookie-manipulation vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this vulnerability could allow an attacker to masquerade as another user. This may allow the attacker to steal...

SuSE 10 Security Update : Novell GroupWise client (ZYPP Patch Number 4494)

This update fixes a security vulnerability in the GroupWise system that allows a malicious user to intercept authentication credentials through a 'man in the middle' attack. CVE-2007-5195 / CVE-2007-5196 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C...

webSPELL 4.1.2 - calendar.php Multiple Cross-Site Scripting Vulnerabilities

webSPELL 4.1.2 - calendar.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

OpenNewsletter 2.5 - Compose.php Cross-Site Scripting

OpenNewsletter 2.5 - Compose.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26745/info OpenNewsletter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple SQL Injections

Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple SQL Injections source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues...

Absolute News Manager .NET 5.1 - getpath.aspx Direct Request Error Message Information

Absolute News Manager .NET 5.1 - getpath.aspx Direct Request Error Message Information source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure...