Absolute News Manager .NET 5.1 - pagesdefault.aspx?template Remote File Access

Absolute News Manager .NET 5.1 - pagesdefault.aspx?template Remote File Access source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues...

Absolute News Manager .NET 5.1 - '/pages/default.aspx?template' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal cookie-based authentication...

Absolute News Manager .NET 5.1 - 'getpath.aspx' Direct Request Error Message Information

source: https://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal cookie-based authentication...

phpMyChat 0.14.5 - 'chat/deluser.php3?LIMIT' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26698/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

bcoos 1.0.10 - ratephoto.php SQL Injection

bcoos 1.0.10 - ratephoto.php SQL Injection source: https://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...

bcoos 1.0.10 - 'ratephoto.php' SQL Injection

source: https://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. These issues affect the application's arcad...

ht://Dig 3.2 - Htsearch Cross-Site Scripting

source: https://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a user's browser session in the context...

PHPSlideShow 0.9.9 - Directory Cross-Site Scripting

PHPSlideShow 0.9.9 - Directory Cross-Site Scripting source: https://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or...

FMDeluxe 2.1 - index.php Cross-Site Scripting

FMDeluxe 2.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26587/info FMDeluxe is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script...

GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities

GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically...

Tilde 4.0 - 'Aarstal' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26592/info Tilde is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

FMDeluxe 2.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26587/info FMDeluxe is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a user's browser session in the context...

VBTube 1.1 - Search Cross-Site Scripting

source: https://www.securityfocus.com/bid/26566/info VBTube is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's browser session in the context of ...

MySpace Scripts Poll Creator - index.php HTML Injection

MySpace Scripts Poll Creator - index.php HTML Injection source: https://www.securityfocus.com/bid/26544/info MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

E-vanced Solutions E-vents 5.0 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/26526/info E-vanced Solutions E-vents is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,...

Aruba MC-800 Mobility Controller - Screens Directory HTML Injection

Aruba MC-800 Mobility Controller - Screens Directory HTML Injection source: https://www.securityfocus.com/bid/26465/info Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow...

WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting

WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/26432/info WP-SlimStat Plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...

VTLS Web Gateway 48.1 - Searchtype Cross-Site Scripting

VTLS Web Gateway 48.1 - Searchtype Cross-Site Scripting source: https://www.securityfocus.com/bid/26419/info Web Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

WordPress Plugin WP-SlimStat 0.9.2 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/26432/info WP-SlimStat Plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

VTLS Web Gateway 48.1 - 'Searchtype' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26419/info Web Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...